vidar | 5d7c05c6cd191b8b38dabc343a1ec22b6631672929f8374fa44807a5f9847f19 | Triage

Sharing

General

Target

JaffaCakes118_5d7c05c6cd191b8b38dabc343a1ec22b6631672929f8374fa44807a5f9847f19
Size

675.4MB
Sample

241224-y5y4wswnft
MD5

cbbf92ce3daf529349bad0a1baf27337
SHA1

a78e57b170b03b121e6799c020a6d388f9622009
SHA256

5d7c05c6cd191b8b38dabc343a1ec22b6631672929f8374fa44807a5f9847f19
SHA512

c288b697808211797fd82a682ae1cdbe0e4cd1940b8c1bb6846b175e78771af3f5f1f52c7fc13d5f3ab253dd1bb5c81d9d42f1549a27381c7e70db703d374c88
SSDEEP

12582912:9YQyQyQyQyQyQyQyQyQyQyQyQyQyQyQ1QyQyQyQyQyQyQyQyQyQyQyQyQyQyQ1Qe:9Ynnnnnnnnnnnnnn0nnnnnnnnnnnnnnc

Score

10^/10

vidar f5142d59cfb1f363a412294f1ea824ba discovery stealer vmprotect

Malware Config

Extracted

Family

vidar

Version

4.5

Botnet

f5142d59cfb1f363a412294f1ea824ba

C2

https://steamcommunity.com/profiles/76561199520592470

https://t.me/motafan

Attributes

profile_id_v2
f5142d59cfb1f363a412294f1ea824ba
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/111.0

Targets

- Target
  
  JaffaCakes118_5d7c05c6cd191b8b38dabc343a1ec22b6631672929f8374fa44807a5f9847f19
- Size
  
  675.4MB
- MD5
  
  cbbf92ce3daf529349bad0a1baf27337
- SHA1
  
  a78e57b170b03b121e6799c020a6d388f9622009
- SHA256
  
  5d7c05c6cd191b8b38dabc343a1ec22b6631672929f8374fa44807a5f9847f19
- SHA512
  
  c288b697808211797fd82a682ae1cdbe0e4cd1940b8c1bb6846b175e78771af3f5f1f52c7fc13d5f3ab253dd1bb5c81d9d42f1549a27381c7e70db703d374c88
- SSDEEP
  
  12582912:9YQyQyQyQyQyQyQyQyQyQyQyQyQyQyQ1QyQyQyQyQyQyQyQyQyQyQyQyQyQyQ1Qe:9Ynnnnnnnnnnnnnn0nnnnnnnnnnnnnnc
Score

10^/10

vidar f5142d59cfb1f363a412294f1ea824ba discovery stealer vmprotect
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidarf5142d59cfb1f363a412294f1ea824badiscoverystealervmprotect

behavioral2

vidarf5142d59cfb1f363a412294f1ea824badiscoverystealervmprotect