vidar | baea231a54de7cc9e3d2613f313eaeefde8fc62ae66e283d7e15e887d2d8d7e6 | Triage

Submit
Reports

Overview

overview

Static

static

3

Controlled...xe.zip

windows7-x64

Controlled...xe.zip

windows10-2004-x64

Sharing

General

Target

ControlledAccessPoint.exe.zip
Size

466KB
Sample

241025-x1a1ts1jhj
MD5

1e2053d4cfc688bc63973f3d18b1e00f
SHA1

7529e740ae73ea65b507e68c2cad107725f78ad6
SHA256

baea231a54de7cc9e3d2613f313eaeefde8fc62ae66e283d7e15e887d2d8d7e6
SHA512

b7ced408d342b7948fe07aa18915724492d2dfafbdca4a8e4369959aafbcde8af88c34b0e76877486d15a66a41cb79407cdaa83cedf7092f59d1cac6d8f5286d
SSDEEP

6144:s8dj8NusAbUE04vKVvFnpvyakp3+NbOmAEH6kB7/yQB/2LTMqaPvncVq:s8GNn204vKrpvypR66mAEPB7/YMP3oq

Score

10^/10

vidar 2ee1445fc63bc20d0e7966867b13e0e1 discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ControlledAccessPoint.exe.zip

Resource

win7-20241010-en

vidar 2ee1445fc63bc20d0e7966867b13e0e1 discovery stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

ControlledAccessPoint.exe.zip

Resource

win10v2004-20241007-en

vidar 2ee1445fc63bc20d0e7966867b13e0e1 discovery stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

vidar

Version

11

Botnet

2ee1445fc63bc20d0e7966867b13e0e1

C2

https://steamcommunity.com/profiles/76561199780418869

https://t.me/ae5ed

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0

Targets

- Target
  
  ControlledAccessPoint.exe.zip
- Size
  
  466KB
- MD5
  
  1e2053d4cfc688bc63973f3d18b1e00f
- SHA1
  
  7529e740ae73ea65b507e68c2cad107725f78ad6
- SHA256
  
  baea231a54de7cc9e3d2613f313eaeefde8fc62ae66e283d7e15e887d2d8d7e6
- SHA512
  
  b7ced408d342b7948fe07aa18915724492d2dfafbdca4a8e4369959aafbcde8af88c34b0e76877486d15a66a41cb79407cdaa83cedf7092f59d1cac6d8f5286d
- SSDEEP
  
  6144:s8dj8NusAbUE04vKVvFnpvyakp3+NbOmAEH6kB7/yQB/2LTMqaPvncVq:s8GNn204vKrpvypR66mAEPB7/YMP3oq
Score

10^/10

vidar 2ee1445fc63bc20d0e7966867b13e0e1 discovery stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidar2ee1445fc63bc20d0e7966867b13e0e1discoverystealer

behavioral2

vidar2ee1445fc63bc20d0e7966867b13e0e1discoverystealer

© 2018-2025

Terms | Privacy