vidar | 8bb86c8dcf1a9a4870e5f659b472f4826a05d8d6f7234658a8e8903c284ac4c5 | Triage

Submit
Reports

Overview

overview

Static

static

1

8bb86c8dcf...c5.exe

windows7-x64

8bb86c8dcf...c5.exe

windows10-2004-x64

Sharing

General

Target

8bb86c8dcf1a9a4870e5f659b472f4826a05d8d6f7234658a8e8903c284ac4c5
Size

559KB
Sample

241004-w5c6batemd
MD5

cc58463069fb1c5b47270fc6e4b41400
SHA1

1c5ac9d2ecb70e0fe5f32172de422b26bd243289
SHA256

8bb86c8dcf1a9a4870e5f659b472f4826a05d8d6f7234658a8e8903c284ac4c5
SHA512

faa949c89049649a82d381aa65b370fe8d9557c175f6771c91c7658b3fa95dc5d1ebebe3751bc51d55f1f9b2e90bf7ce5b03fe22224e7934c3f5eadba55dda2e
SSDEEP

12288:JFdmQisJRpBNx7PAbhjIB6ZjNDumjkz9H5ijhIGx0ruSz2VPuEO:B7RTvzAF8B6FNDV2hEjhIG4uS0ut

Score

10^/10

vidar discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

8bb86c8dcf1a9a4870e5f659b472f4826a05d8d6f7234658a8e8903c284ac4c5.exe

Resource

win7-20240903-en

vidar discovery stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

8bb86c8dcf1a9a4870e5f659b472f4826a05d8d6f7234658a8e8903c284ac4c5.exe

Resource

win10v2004-20240802-en

vidar discovery stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

vidar

C2

http://proxy.johnmccrea.com/

https://steamcommunity.com/profiles/76561199780418869

https://t.me/ae5ed

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0

Targets

- Target
  
  8bb86c8dcf1a9a4870e5f659b472f4826a05d8d6f7234658a8e8903c284ac4c5
- Size
  
  559KB
- MD5
  
  cc58463069fb1c5b47270fc6e4b41400
- SHA1
  
  1c5ac9d2ecb70e0fe5f32172de422b26bd243289
- SHA256
  
  8bb86c8dcf1a9a4870e5f659b472f4826a05d8d6f7234658a8e8903c284ac4c5
- SHA512
  
  faa949c89049649a82d381aa65b370fe8d9557c175f6771c91c7658b3fa95dc5d1ebebe3751bc51d55f1f9b2e90bf7ce5b03fe22224e7934c3f5eadba55dda2e
- SSDEEP
  
  12288:JFdmQisJRpBNx7PAbhjIB6ZjNDumjkz9H5ijhIGx0ruSz2VPuEO:B7RTvzAF8B6FNDV2hEjhIG4uS0ut
Score

10^/10

vidar discovery stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Downloads MZ/PE file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidardiscoverystealer

behavioral2

vidardiscoverystealer

© 2018-2025

Terms | Privacy