vidar | e3897d90623187016911088e2dfc46ff7de3cd48bd3cb6641811eec604762bc7 | Triage

Sharing

General

Target

JaffaCakes118_e3897d90623187016911088e2dfc46ff7de3cd48bd3cb6641811eec604762bc7
Size

725.8MB
Sample

241223-v98bkswnfk
MD5

0ddc3b5fbfbe6f62880518c6d639828c
SHA1

398d49169545c32bddffc873c26dab1d86dabfaf
SHA256

e3897d90623187016911088e2dfc46ff7de3cd48bd3cb6641811eec604762bc7
SHA512

755da5244309683625211cc43732370c7dd74a74d5bfaba8d4430157c7a82b5cf1a3e7301be0aa02dac74113f66c2bc928ab9a237954ce354ac40280ac2c5e90
SSDEEP

98304:4fmQGGPjpMR4+YoJ1QsQjMmG9JEkGLg4QLCgt8jl9GcJueJU2kC6WZgwAn:OvjpQ4+YoJ1bQjqQRqLt6SaT3kuZqn

Score

10^/10

vidar 670 discovery stealer

Malware Config

Extracted

Family

vidar

Version

1.9

Botnet

670

C2

https://t.me/travelticketshop

https://steamcommunity.com/profiles/76561199469016299

http://65.109.190.87:80

Attributes

profile_id
670

Targets

- Target
  
  JaffaCakes118_e3897d90623187016911088e2dfc46ff7de3cd48bd3cb6641811eec604762bc7
- Size
  
  725.8MB
- MD5
  
  0ddc3b5fbfbe6f62880518c6d639828c
- SHA1
  
  398d49169545c32bddffc873c26dab1d86dabfaf
- SHA256
  
  e3897d90623187016911088e2dfc46ff7de3cd48bd3cb6641811eec604762bc7
- SHA512
  
  755da5244309683625211cc43732370c7dd74a74d5bfaba8d4430157c7a82b5cf1a3e7301be0aa02dac74113f66c2bc928ab9a237954ce354ac40280ac2c5e90
- SSDEEP
  
  98304:4fmQGGPjpMR4+YoJ1QsQjMmG9JEkGLg4QLCgt8jl9GcJueJU2kC6WZgwAn:OvjpQ4+YoJ1bQjqQRqLt6SaT3kuZqn
Score

10^/10

vidar 670 discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidar670discoverystealer

behavioral2

vidar670discoverystealer