vidar | 7fa47adef4cac5c26675b8e9e95d6e8fe89a4656282540cb12893ddbf91b6c62 | Triage

Sharing

General

Target

2024-12-23_25af255fa096071828a17b03c775203b_frostygoop_poet-rat_snatch
Size

4.8MB
Sample

241223-v3nnlawley
MD5

25af255fa096071828a17b03c775203b
SHA1

ca58d882fa0b70b1bdd20fcc0da0894a983ebf4d
SHA256

7fa47adef4cac5c26675b8e9e95d6e8fe89a4656282540cb12893ddbf91b6c62
SHA512

d6a434b40d6d7a5fff763a234a8de7b01ea28f9556a35fb9a434c795d1c6bc4a7b37a558f704d0269c444c5c0e5ac243fa84a08e045a051f746ee860c7923fb1
SSDEEP

49152:8ax+8dQae52G8/cV/5EKKyVzpMWrBzyo8XsPL0hwMqy/SoRmo28Q3ZG5+GV3KGfP:ncyWH8/ylzyVsIqyaodV54

Score

10^/10

vidar 589 discovery stealer

Malware Config

Extracted

Family

vidar

Version

927

Extracted

Family

vidar

Version

2.5

Botnet

589

C2

https://t.me/noktasina

https://steamcommunity.com/profiles/76561199478503353

http://95.217.152.87:80

Attributes

profile_id
589
user_agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.0.0 Safari/537.36

Targets

- Target
  
  2024-12-23_25af255fa096071828a17b03c775203b_frostygoop_poet-rat_snatch
- Size
  
  4.8MB
- MD5
  
  25af255fa096071828a17b03c775203b
- SHA1
  
  ca58d882fa0b70b1bdd20fcc0da0894a983ebf4d
- SHA256
  
  7fa47adef4cac5c26675b8e9e95d6e8fe89a4656282540cb12893ddbf91b6c62
- SHA512
  
  d6a434b40d6d7a5fff763a234a8de7b01ea28f9556a35fb9a434c795d1c6bc4a7b37a558f704d0269c444c5c0e5ac243fa84a08e045a051f746ee860c7923fb1
- SSDEEP
  
  49152:8ax+8dQae52G8/cV/5EKKyVzpMWrBzyo8XsPL0hwMqy/SoRmo28Q3ZG5+GV3KGfP:ncyWH8/ylzyVsIqyaodV54
Score

10^/10

discovery vidar 589 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

vidar589discoverystealer