vidar | 809ab4cb1413abee866fffe9eed1813832800b851ee3f50e7a62478b81220f8d | Triage

Sharing

General

Target

809ab4cb1413abee866fffe9eed1813832800b851ee3f50e7a62478b81220f8d
Size

772KB
Sample

240924-2911ts1cpr
MD5

8bff70298078d3f4eacaaf651cfd8d82
SHA1

9b9ca284dfa2ccce7f35512159a398f8a3d1d7aa
SHA256

809ab4cb1413abee866fffe9eed1813832800b851ee3f50e7a62478b81220f8d
SHA512

e0e7bb118007b7a7d5f9eeaf0fe616f031d2c2f0a61e8fc745c553c286b17f7d33502a0e99ecb0ec882f7ec3c70835ac3ab6ad47d0f4462cb6a055ece068e016
SSDEEP

24576:IRu16WYdRNDl0Et8uEXE6dl5H92r5HenNY:oVNDl0Et8uEXE6ds1Hen

Score

10^/10

vidar 90713777d6d2d204104be2090765d294 discovery

Malware Config

Extracted

Family

vidar

Version

4.9

Botnet

90713777d6d2d204104be2090765d294

C2

https://t.me/dastantim

https://steamcommunity.com/profiles/76561199529242058

Attributes

profile_id_v2
90713777d6d2d204104be2090765d294
user_agent
Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7

Targets

- Target
  
  809ab4cb1413abee866fffe9eed1813832800b851ee3f50e7a62478b81220f8d
- Size
  
  772KB
- MD5
  
  8bff70298078d3f4eacaaf651cfd8d82
- SHA1
  
  9b9ca284dfa2ccce7f35512159a398f8a3d1d7aa
- SHA256
  
  809ab4cb1413abee866fffe9eed1813832800b851ee3f50e7a62478b81220f8d
- SHA512
  
  e0e7bb118007b7a7d5f9eeaf0fe616f031d2c2f0a61e8fc745c553c286b17f7d33502a0e99ecb0ec882f7ec3c70835ac3ab6ad47d0f4462cb6a055ece068e016
- SSDEEP
  
  24576:IRu16WYdRNDl0Et8uEXE6dl5H92r5HenNY:oVNDl0Et8uEXE6ds1Hen
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

90713777d6d2d204104be2090765d294vidar

behavioral1

behavioral2