vidar

General

Target

JaffaCakes118_ee545c87857fb02111773f20d7f4d6e641f85354ab14e7cace53ee1345e177c7
Size

687.3MB
Sample

241224-ry4x8szket
MD5

da25151a6938c44e0c38cceb2252a0f5
SHA1

91dc7487b434d2ceb6bd32b7ab2cecd7da6bfb2c
SHA256

ee545c87857fb02111773f20d7f4d6e641f85354ab14e7cace53ee1345e177c7
SHA512

52ef13b0ffd377087b192016f3d741614ce84020b8127f287b70a37e7f60036f9b7d920990553cfe5731cd46783ca9e15abae40a0d2d758bb963186b9867656b
SSDEEP

12288:Z4WHf4rA78DxRec6jqBG34h4fTCveSSMT+AzOW9ev2qQ:Z4WHgrA78Dt8qBfMCverMTvn

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

2

Botnet

713

C2

https://t.me/tgdatapacks

https://steamcommunity.com/profiles/76561199469677637

http://95.217.240.6:80

Attributes

profile_id
713

Targets

- Target
  
  JaffaCakes118_ee545c87857fb02111773f20d7f4d6e641f85354ab14e7cace53ee1345e177c7
- Size
  
  687.3MB
- MD5
  
  da25151a6938c44e0c38cceb2252a0f5
- SHA1
  
  91dc7487b434d2ceb6bd32b7ab2cecd7da6bfb2c
- SHA256
  
  ee545c87857fb02111773f20d7f4d6e641f85354ab14e7cace53ee1345e177c7
- SHA512
  
  52ef13b0ffd377087b192016f3d741614ce84020b8127f287b70a37e7f60036f9b7d920990553cfe5731cd46783ca9e15abae40a0d2d758bb963186b9867656b
- SSDEEP
  
  12288:Z4WHf4rA78DxRec6jqBG34h4fTCveSSMT+AzOW9ev2qQ:Z4WHgrA78Dt8qBfMCverMTvn
Score

10^/10

vidar 713 discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

1

T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Vidar family

Uses the VBS compiler for execution

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2