vidar | 32df75ebdf0e44f9351863160e89c89a000bebfa038ebb36dbb9e668ebcb045f | Triage

Sharing

General

Target

32df75ebdf0e44f9351863160e89c89a000bebfa038ebb36dbb9e668ebcb045f
Size

292KB
Sample

241018-wydhha1flc
MD5

9cc5ab9f921d3d7cb2e627fc9a89e901
SHA1

738d1eba7455ef319fe35014defd4ab1623d187c
SHA256

32df75ebdf0e44f9351863160e89c89a000bebfa038ebb36dbb9e668ebcb045f
SHA512

f1a0fdd301a9d4734dc63a236eea37d8142ea05164779f19d8474bf9fe0ff02dee053c3231c4313cc14a1ec0fba88fa7045b0205ea153fccc9387d5a01dc83a8
SSDEEP

6144:MiKNqzy8JFjVSZSJOyBiCmL5QZPNKNSQ7+STtqR9YjgD6vizk13Kb:Mi+q9I92Q1Tt3xvOb

Score

10^/10

vidar b258cf16f14faa3715bd942cece8035e discovery stealer

Malware Config

Extracted

Family

vidar

Version

7.3

Botnet

b258cf16f14faa3715bd942cece8035e

C2

https://t.me/bg3goty

https://steamcommunity.com/profiles/76561199601319247

Attributes

profile_id_v2
b258cf16f14faa3715bd942cece8035e
user_agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/112.0 uacq

Targets

- Target
  
  32df75ebdf0e44f9351863160e89c89a000bebfa038ebb36dbb9e668ebcb045f
- Size
  
  292KB
- MD5
  
  9cc5ab9f921d3d7cb2e627fc9a89e901
- SHA1
  
  738d1eba7455ef319fe35014defd4ab1623d187c
- SHA256
  
  32df75ebdf0e44f9351863160e89c89a000bebfa038ebb36dbb9e668ebcb045f
- SHA512
  
  f1a0fdd301a9d4734dc63a236eea37d8142ea05164779f19d8474bf9fe0ff02dee053c3231c4313cc14a1ec0fba88fa7045b0205ea153fccc9387d5a01dc83a8
- SSDEEP
  
  6144:MiKNqzy8JFjVSZSJOyBiCmL5QZPNKNSQ7+STtqR9YjgD6vizk13Kb:Mi+q9I92Q1Tt3xvOb
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerb258cf16f14faa3715bd942cece8035evidar

behavioral1

behavioral2