vidar | 4cb736adec75a55221d734419a6feb3fa092cd19f4644a2dc5c0e3df749b215c | Triage

Submit
Reports

Overview

overview

Static

static

3

4cb736adec...cN.exe

windows7-x64

4cb736adec...cN.exe

windows10-2004-x64

Sharing

General

Target

4cb736adec75a55221d734419a6feb3fa092cd19f4644a2dc5c0e3df749b215cN
Size

8.3MB
Sample

240928-t6cj3awakr
MD5

69674243c7d65e72d226089e9adfdf20
SHA1

37ece8fa260de9900f194d59ebc57c75acd578f1
SHA256

4cb736adec75a55221d734419a6feb3fa092cd19f4644a2dc5c0e3df749b215c
SHA512

fc4799f8fd7c3f625fd301a18457fde33521512bf20864b4bb700e094e0713e663d493a65959483e3eb984b6e9a5352fd4894d95c4a11d60e42c27b4645700ca
SSDEEP

196608:Nhb0vhDix4Xgvoe4IdCCmbU0RWtPHYb/FCUUrbNQv4:L0JVXgvoerkU1p4btnYM4

Score

10^/10

vidar de2cea1f145998409041f17e238ab295 credential_access discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4cb736adec75a55221d734419a6feb3fa092cd19f4644a2dc5c0e3df749b215cN.exe

Resource

win7-20240903-en

vidar de2cea1f145998409041f17e238ab295 credential_access discovery stealer

windows7-x64

10 signatures

120 seconds

Behavioral task

behavioral2

Sample

4cb736adec75a55221d734419a6feb3fa092cd19f4644a2dc5c0e3df749b215cN.exe

Resource

win10v2004-20240802-en

vidar de2cea1f145998409041f17e238ab295 credential_access discovery stealer

windows10-2004-x64

10 signatures

120 seconds

Malware Config

Extracted

Family

vidar

Version

10.7

Botnet

de2cea1f145998409041f17e238ab295

C2

https://steamcommunity.com/profiles/76561199751190313

https://t.me/pech0nk

Attributes

user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Targets

- Target
  
  4cb736adec75a55221d734419a6feb3fa092cd19f4644a2dc5c0e3df749b215cN
- Size
  
  8.3MB
- MD5
  
  69674243c7d65e72d226089e9adfdf20
- SHA1
  
  37ece8fa260de9900f194d59ebc57c75acd578f1
- SHA256
  
  4cb736adec75a55221d734419a6feb3fa092cd19f4644a2dc5c0e3df749b215c
- SHA512
  
  fc4799f8fd7c3f625fd301a18457fde33521512bf20864b4bb700e094e0713e663d493a65959483e3eb984b6e9a5352fd4894d95c4a11d60e42c27b4645700ca
- SSDEEP
  
  196608:Nhb0vhDix4Xgvoe4IdCCmbU0RWtPHYb/FCUUrbNQv4:L0JVXgvoerkU1p4btnYM4
Score

10^/10

vidar de2cea1f145998409041f17e238ab295 credential_access discovery stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Unsecured Credentials: Credentials In Files
  Steal credentials from unsecured files.
  credential_access stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidarde2cea1f145998409041f17e238ab295credential_accessdiscoverystealer

behavioral2

vidarde2cea1f145998409041f17e238ab295credential_accessdiscoverystealer

© 2018-2025

Terms | Privacy