vidar | e35dd619030cfecfc2729ef7a1c948a787c83ee0cd9afcd397b11ebf47563e81

General

Target

e35dd619030cfecfc2729ef7a1c948a787c83ee0cd9afcd397b11ebf47563e81N
Size

348KB
Sample

241028-k1gr6awanp
MD5

4813a8136e1e6435c60a31a637378680
SHA1

687130c08896d5947f07c5741a342f847a1acc7c
SHA256

e35dd619030cfecfc2729ef7a1c948a787c83ee0cd9afcd397b11ebf47563e81
SHA512

6911a23e0d66b7ccb78eff3fe64be56bfe5c73f6f7c785d02a1a671a1803175dc9f28cf14a7fb344e85878372b1c4b75713acd4b3520d4997cf1340bf63d3425
SSDEEP

6144:uCw0n7MeFX4V5rEbUsMPGHJOXaMcylU9lPKylFNLmEFa2DzhoH2AixhV:Vw0nFX4V5rEbUsrfMckglyyDNLbF1DGE

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

4

Botnet

667e85c8112da056f901292caf82b3ed

C2

https://t.me/looking_glassbot

http://23.88.46.113:80

https://steamcommunity.com/profiles/76561199508624021

Attributes

profile_id_v2
667e85c8112da056f901292caf82b3ed
user_agent
Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36

Targets

- Target
  
  e35dd619030cfecfc2729ef7a1c948a787c83ee0cd9afcd397b11ebf47563e81N
- Size
  
  348KB
- MD5
  
  4813a8136e1e6435c60a31a637378680
- SHA1
  
  687130c08896d5947f07c5741a342f847a1acc7c
- SHA256
  
  e35dd619030cfecfc2729ef7a1c948a787c83ee0cd9afcd397b11ebf47563e81
- SHA512
  
  6911a23e0d66b7ccb78eff3fe64be56bfe5c73f6f7c785d02a1a671a1803175dc9f28cf14a7fb344e85878372b1c4b75713acd4b3520d4997cf1340bf63d3425
- SSDEEP
  
  6144:uCw0n7MeFX4V5rEbUsMPGHJOXaMcylU9lPKylFNLmEFa2DzhoH2AixhV:Vw0nFX4V5rEbUsrfMckglyyDNLbF1DGE
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2