vidar | 2524855bcced9b49150501bb4d12e4699d48354003f7ad22d068fefe93f34bf1 | Triage

Sharing

General

Target

19160610963.zip
Size

7.0MB
Sample

240926-kajh3azdkc
MD5

98786f4281c73080a1ac7dd6c3bb4e28
SHA1

990cad825276347a6e380b5f6a5cef1641a7e500
SHA256

2524855bcced9b49150501bb4d12e4699d48354003f7ad22d068fefe93f34bf1
SHA512

9f3fa98744a89b84583350b1055ba7f60574f091d62ac7efafe21a0934da91d7acbf775c89d61bba67cdb9714eede0a0160f5f63cdb1981bce96d860af23fb25
SSDEEP

196608:cNSQqz1KfQNrbE9KUNvAkeXleCJv28Q/K6:cwQ44KcsUFS1RB286K6

Score

10^/10

vidar 1134 discovery stealer

Malware Config

Extracted

Family

vidar

Version

54.6

Botnet

1134

C2

https://t.me/huobiinside

https://mas.to/@kyriazhs1975

http://79.124.78.206:80

Attributes

profile_id
1134

Targets

- Target
  
  TradingView Premium Beta_v.2.4.exe
- Size
  
  375.0MB
- MD5
  
  d9bdbd87fb9087d61e30d831d96aaa05
- SHA1
  
  f3f8faaecfe13dcaf436cb6da98aa794f4fef46b
- SHA256
  
  21805c67ab453e3a483f64e76e19bd75441022356af7cf13eb936af1617f318a
- SHA512
  
  22d18c9427b63f7c327211d673b7ab7489d606f16b0feebffa3121b3b0f533c83cacf2d1aa6751d1acdd784cfd7bcdbbd076cdb9dd3527fd11cb44b1a0b103df
- SSDEEP
  
  196608:0AFFtEK4xfkZILW1T81daQHyWQOPVpN2+30eivq:0QtEHxfNW1idaVOPV/Drii
Score

10^/10

vidar 1134 discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidar1134discoverystealer

behavioral2

vidar1134discoverystealer