vidar | b09cb2d37f5b4be0e3f2276c7b45de1a38b4c9dc2cb8afc7382884a0325b80f5 | Triage

Sharing

General

Target

1052-183-0x0000000005FF0000-0x0000000006266000-memory.dmp
Size

2.5MB
Sample

241007-rev6zssfqf
MD5

e168ffbbd6fecd6ab12321f21028890e
SHA1

ee128642cf3a3eaea5bfb65015cbbc42a3adfd50
SHA256

b09cb2d37f5b4be0e3f2276c7b45de1a38b4c9dc2cb8afc7382884a0325b80f5
SHA512

e596768d0e912017625f48457c4930e3b62a92f6fc7668a57d62f49841a9a83b8eb7de79009bf104dcf8eee71a042cb5607ec9431ab9c34e61a3b06c34d24a11
SSDEEP

12288:sbRVMP+YSGGkNs0Ix6BY/sCVJFEbtQIWmd:sboP+bGGkNKU3C30z

Score

10^/10

vidar 744fd163d6d4e0ac37e4032bcbfbb6af discovery stealer

Malware Config

Extracted

Family

vidar

Version

11

Botnet

744fd163d6d4e0ac37e4032bcbfbb6af

C2

https://steamcommunity.com/profiles/76561199780418869

https://t.me/ae5ed

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0

Targets

- Target
  
  1052-183-0x0000000005FF0000-0x0000000006266000-memory.dmp
- Size
  
  2.5MB
- MD5
  
  e168ffbbd6fecd6ab12321f21028890e
- SHA1
  
  ee128642cf3a3eaea5bfb65015cbbc42a3adfd50
- SHA256
  
  b09cb2d37f5b4be0e3f2276c7b45de1a38b4c9dc2cb8afc7382884a0325b80f5
- SHA512
  
  e596768d0e912017625f48457c4930e3b62a92f6fc7668a57d62f49841a9a83b8eb7de79009bf104dcf8eee71a042cb5607ec9431ab9c34e61a3b06c34d24a11
- SSDEEP
  
  12288:sbRVMP+YSGGkNs0Ix6BY/sCVJFEbtQIWmd:sboP+bGGkNKU3C30z
Score

10^/10

vidar stealer discovery
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealer744fd163d6d4e0ac37e4032bcbfbb6afvidar

behavioral1

behavioral2

vidardiscoverystealer