vidar

General

Target

JaffaCakes118_4d69d80205597b2d16347c0943e31440a05bc5b773a1ca7e5f90e559a317cfed
Size

660.4MB
Sample

241221-3dv1datlgt
MD5

b9236a8c525eec96f3053e6830d095ab
SHA1

090d286579f9e283a3431a62a4993055f587917e
SHA256

4d69d80205597b2d16347c0943e31440a05bc5b773a1ca7e5f90e559a317cfed
SHA512

e4c684f42b33e859290b3d49dd077d54eaa483dbd4194c3ef8c2e31c44b5f7688dad2262088942f4a4a8009771ce40476dc0b76b7e890f9abe80d9707f5d28b1
SSDEEP

6144:8iyOWFVjBCDtJLkt64qssEkeFoaQXLGDZo9JIw7mmGpzDUX3aFs/81MK5:8iyO+Vk/kt63ssEkeFFQL2oB7iXe8/5

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

2.1

Botnet

827

C2

https://t.me/jetbim

https://steamcommunity.com/profiles/76561199471266194

http://65.21.58.6:80

Attributes

profile_id
827

Targets

- Target
  
  JaffaCakes118_4d69d80205597b2d16347c0943e31440a05bc5b773a1ca7e5f90e559a317cfed
- Size
  
  660.4MB
- MD5
  
  b9236a8c525eec96f3053e6830d095ab
- SHA1
  
  090d286579f9e283a3431a62a4993055f587917e
- SHA256
  
  4d69d80205597b2d16347c0943e31440a05bc5b773a1ca7e5f90e559a317cfed
- SHA512
  
  e4c684f42b33e859290b3d49dd077d54eaa483dbd4194c3ef8c2e31c44b5f7688dad2262088942f4a4a8009771ce40476dc0b76b7e890f9abe80d9707f5d28b1
- SSDEEP
  
  6144:8iyOWFVjBCDtJLkt64qssEkeFoaQXLGDZo9JIw7mmGpzDUX3aFs/81MK5:8iyO+Vk/kt63ssEkeFFQL2oB7iXe8/5
Score

10^/10

vidar 827 discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

1

T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Vidar family

Uses the VBS compiler for execution

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2