vidar | 4f085fd6fcb5ecd546101733c4333c019d7bd8e260e01e84495cb130f5e4748a | Triage

Sharing

General

Target

19572247410.zip
Size

170KB
Sample

241023-d3v91a1apr
MD5

d9864627a0f37446fbe45db47a1b27b2
SHA1

a03f4afbc84bc84da6250b1a2b6bdbd7048279f9
SHA256

4f085fd6fcb5ecd546101733c4333c019d7bd8e260e01e84495cb130f5e4748a
SHA512

f73300ca1fcf0feb1e6a035d46fa42e1a90b333e532f6e0ba1d6349c11d7aa6e3c5bd539b5cdf711612e6c2db9544c6d1404f3358cf8e4b37d63f57ef36fc545
SSDEEP

3072:LaXGpVQwGlRtLifumkdd0CQ6XbOgEvvbL7h8ljSRHhViVU4xETPNZ/ObBzOXoCV3:uZbLhRSlHzhQj4HhuUBTPNpOkZBz

Score

10^/10

vidar bd3f08527a8d34ce9f748958a20d5da4 discovery

Malware Config

Extracted

Family

vidar

Version

6

Botnet

bd3f08527a8d34ce9f748958a20d5da4

C2

https://steamcommunity.com/profiles/76561199560322242

https://t.me/cahalgo

Attributes

profile_id_v2
bd3f08527a8d34ce9f748958a20d5da4
user_agent
Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 uacq

Targets

- Target
  
  49488fd0d4b337889c0cd5d5613fa072c9f244d93e991bc75cf3724e8a08fac1
- Size
  
  316KB
- MD5
  
  dc9b202bbbc73ce04f715295207d317f
- SHA1
  
  bf81527d492c836d181d8e32238bd61dd9355761
- SHA256
  
  49488fd0d4b337889c0cd5d5613fa072c9f244d93e991bc75cf3724e8a08fac1
- SHA512
  
  1cd4c94c4bac618861487db9f456c2a6d5049238dd2333addad704c64220b5dd676f9686c74d52781099592c4a230c73cdd528f7626b7a33953e1093e2962f05
- SSDEEP
  
  6144:Abe2Qqw3tylpe5pXj1ISI4kWuY7v3BdhZFhJaPR8zhFyjU:n9y7e7myT37hZFh2R8
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

bd3f08527a8d34ce9f748958a20d5da4vidar

behavioral1

behavioral2