vidar

General

Target

JaffaCakes118_e09e69c19cf099abee84ee08ccf8b4df016589a6f3a334f51214f0696e783a3e
Size

688.1MB
Sample

241222-b6c7gsylcp
MD5

c9d1c99c0165b926347b74416cb637d3
SHA1

a9f2e824d67b7f735a77b99ed38a6858541b0b1a
SHA256

e09e69c19cf099abee84ee08ccf8b4df016589a6f3a334f51214f0696e783a3e
SHA512

8abcbdbee80e3ea85503449aab2595b1652eb60e5fdef3d5aa10379063986dfb291364102b38dc4aa5b0d0dc10313f3576898daad8c5c0357f870e284910d6ab
SSDEEP

12288:45AiyljeFdf+4p65wWypa62UT9VEndV/i:jiMIf+4p0w1pa6pVEdVK

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

2.8

Botnet

ed78cbd3101815b1664da959004f87ad

C2

https://t.me/dionysus_tg

https://steamcommunity.com/profiles/76561199482248283

http://157.90.113.100:80

Attributes

profile_id_v2
ed78cbd3101815b1664da959004f87ad

Targets

- Target
  
  JaffaCakes118_e09e69c19cf099abee84ee08ccf8b4df016589a6f3a334f51214f0696e783a3e
- Size
  
  688.1MB
- MD5
  
  c9d1c99c0165b926347b74416cb637d3
- SHA1
  
  a9f2e824d67b7f735a77b99ed38a6858541b0b1a
- SHA256
  
  e09e69c19cf099abee84ee08ccf8b4df016589a6f3a334f51214f0696e783a3e
- SHA512
  
  8abcbdbee80e3ea85503449aab2595b1652eb60e5fdef3d5aa10379063986dfb291364102b38dc4aa5b0d0dc10313f3576898daad8c5c0357f870e284910d6ab
- SSDEEP
  
  12288:45AiyljeFdf+4p65wWypa62UT9VEndV/i:jiMIf+4p0w1pa6pVEdVK
Score

10^/10

vidar ed78cbd3101815b1664da959004f87ad discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Vidar family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2