vidar | edd1f672869f737532abca4244f8cd5f4f8701c8735ee1a8f86be50229d40512 | Triage

Submit
Reports

Overview

overview

Static

static

1

edd1f67286...12.exe

windows7-x64

7

edd1f67286...12.exe

windows10-2004-x64

Sharing

General

Target

edd1f672869f737532abca4244f8cd5f4f8701c8735ee1a8f86be50229d40512
Size

396KB
Sample

241004-rfhbhsyajn
MD5

6aee348be33ffe393fc87ff69b672058
SHA1

df6a7eb426b6987b367b7877ebf8a3e359df3b7f
SHA256

edd1f672869f737532abca4244f8cd5f4f8701c8735ee1a8f86be50229d40512
SHA512

b5cc5d74ee5f030b16d58d008e02525cdd88334b882c85dd21780e6366d11d530fc87c36f6c026c23c45fa8bcdc6a97a259243f98358e2babb5ba7180fa7607d
SSDEEP

12288:4X7sNdMWoWuD0/9zWHScwy1ymCTmcPWphKKh2lh4beEZ:q7iuDo9zWycx38mcAMa

Score

10^/10

vidar b74ef0d8ce56e494b0d83e1d5be9dbeb discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

edd1f672869f737532abca4244f8cd5f4f8701c8735ee1a8f86be50229d40512.exe

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

edd1f672869f737532abca4244f8cd5f4f8701c8735ee1a8f86be50229d40512.exe

Resource

win10v2004-20240802-en

vidar b74ef0d8ce56e494b0d83e1d5be9dbeb discovery stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

11

Botnet

b74ef0d8ce56e494b0d83e1d5be9dbeb

C2

https://steamcommunity.com/profiles/76561199780418869

https://t.me/ae5ed

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0

Targets

- Target
  
  edd1f672869f737532abca4244f8cd5f4f8701c8735ee1a8f86be50229d40512
- Size
  
  396KB
- MD5
  
  6aee348be33ffe393fc87ff69b672058
- SHA1
  
  df6a7eb426b6987b367b7877ebf8a3e359df3b7f
- SHA256
  
  edd1f672869f737532abca4244f8cd5f4f8701c8735ee1a8f86be50229d40512
- SHA512
  
  b5cc5d74ee5f030b16d58d008e02525cdd88334b882c85dd21780e6366d11d530fc87c36f6c026c23c45fa8bcdc6a97a259243f98358e2babb5ba7180fa7607d
- SSDEEP
  
  12288:4X7sNdMWoWuD0/9zWHScwy1ymCTmcPWphKKh2lh4beEZ:q7iuDo9zWycx38mcAMa
Score

10^/10

discovery vidar b74ef0d8ce56e494b0d83e1d5be9dbeb stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Downloads MZ/PE file
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

vidarb74ef0d8ce56e494b0d83e1d5be9dbebdiscoverystealer

© 2018-2025

Terms | Privacy