vidar | f419cea0dc3b585499f65ff8bdfa33f0a673361d09d1bb81411303fabf5aac1e | Triage

Sharing

General

Target

vidar - 04.11.2022.zip
Size

1.2MB
Sample

241111-pm5dhsykfz
MD5

61c89dc8b55c3e28b67e9f086c5930fb
SHA1

3098b3aa47e0180d3c68e5004ea53241ab59e2c7
SHA256

f419cea0dc3b585499f65ff8bdfa33f0a673361d09d1bb81411303fabf5aac1e
SHA512

b08d4c8fca98fdfdedd516ca3f870873441cbca72422bc0f3a53205ecd499f08436e42716a54a8b14b6dd8cb236852548aadc9f9a7f8e82d282caf40e42b8dc1
SSDEEP

24576:6zLtJHQ27MF1cCbGs+N8yhBz/pTip/h5zZ5Vc2jZ4nWKzsGZJxscKMWP:QHQ2m1mN7nBTyh5zZXNGfxrI

Score

10^/10

vidar 1375 discovery stealer

Malware Config

Extracted

Family

vidar

Version

54.7

Botnet

1375

C2

https://t.me/trampapanam

https://nerdculture.de/@yoxhyp

http://5.161.21.185:80

Attributes

profile_id
1375

Targets

- Target
  
  setup.exe
- Size
  
  2.7MB
- MD5
  
  ff461f6e26216dea2575082406f0be8a
- SHA1
  
  5f53eb73469d2770308c248b3379c67cdb731f26
- SHA256
  
  65046cfd956eb010ea8b5a530e0655cacaa183053ac15dd05003dc0e55904b79
- SHA512
  
  b6fbd71229e063433794ab99acd410ec9047f8f504450f19b2b19327bf189da8862c7052df91f97cfe598a03ef4aabe123af8ad378f74294298fcb512dba50d1
- SSDEEP
  
  49152:prGXefgOmE43F2iHV85Sp26Kn866cu3k1zj8DT++x:dNmE43F2iH+JQ3k1zj82+x
Score

10^/10

vidar 1375 discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidar1375discoverystealer