vidar | 1295eba5573da39b64f4b6f2ede706d2ab1fe607035630f70ef421e539c3cd5b | Triage

Sharing

General

Target

artifact.bin
Size

337KB
Sample

240917-ktsk3svakg
MD5

6801e433b0f0b71567fae877a1467894
SHA1

2af35d70543c19f452758305f1156358ec2fc8c9
SHA256

1295eba5573da39b64f4b6f2ede706d2ab1fe607035630f70ef421e539c3cd5b
SHA512

6ba9625119159ab725d081fd234813a46159231d5e45cece63779d05a410a3433a09667df22a3a14aa0b1f8da464b9ab171855ea2c155c310b6193a1ca5569b0
SSDEEP

6144:Q3TdaE6hn7oBZGa0Y3sLM9g8SyyEm+fB+PWvGoQULmHC:Q3ToE6N7o+aNkMGnMfB+PCXSi

Score

10^/10

vidar 849 discovery

Malware Config

Extracted

Family

vidar

Version

2.1

Botnet

849

C2

https://t.me/jetbim

https://steamcommunity.com/profiles/76561199471266194

http://65.21.58.6:80

Attributes

profile_id
849

Targets

- Target
  
  artifact.bin
- Size
  
  337KB
- MD5
  
  6801e433b0f0b71567fae877a1467894
- SHA1
  
  2af35d70543c19f452758305f1156358ec2fc8c9
- SHA256
  
  1295eba5573da39b64f4b6f2ede706d2ab1fe607035630f70ef421e539c3cd5b
- SHA512
  
  6ba9625119159ab725d081fd234813a46159231d5e45cece63779d05a410a3433a09667df22a3a14aa0b1f8da464b9ab171855ea2c155c310b6193a1ca5569b0
- SSDEEP
  
  6144:Q3TdaE6hn7oBZGa0Y3sLM9g8SyyEm+fB+PWvGoQULmHC:Q3ToE6N7o+aNkMGnMfB+PCXSi
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2