vidar

General

Target

JaffaCakes118_0e311a630c6699d89ff1297185f47b030d3f959a66784bb0b1eb119a17e2f1b6
Size

761.7MB
Sample

241224-z8jztaxqgl
MD5

56260f3d9cbb29707833e228a4f1315f
SHA1

4e069349c2aa9a91af88556f183de774c5fde392
SHA256

0e311a630c6699d89ff1297185f47b030d3f959a66784bb0b1eb119a17e2f1b6
SHA512

4ef1f05f1e6d2bd99e05bb1cb02bf5498e8ddd41a5076ba982807bb4ba5fcea2ab3d7c191c3ade7daa0e7fd65538d536883a23829eb828c285719cca5c61e2f5
SSDEEP

6144:ipXNkWAoQm+PMBMxsNixbVvPxx7GcJac212xorx+gp4FWDpnuUgMavx7tedqpW1C:ZvoQmq7sNiLvZLw2usgp4FWD9gNfWM

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

3.3

Botnet

6249428d98f616f0a52a7f6e4d9f589d

C2

https://steamcommunity.com/profiles/76561199492257783

https://t.me/justsometg

Attributes

profile_id_v2
6249428d98f616f0a52a7f6e4d9f589d
user_agent
Mozilla/5.0 (X11; Linux 3.5.4-1-ARCH i686; es) KHTML/4.9.1 (like Gecko) Konqueror/4.9

Targets

- Target
  
  JaffaCakes118_0e311a630c6699d89ff1297185f47b030d3f959a66784bb0b1eb119a17e2f1b6
- Size
  
  761.7MB
- MD5
  
  56260f3d9cbb29707833e228a4f1315f
- SHA1
  
  4e069349c2aa9a91af88556f183de774c5fde392
- SHA256
  
  0e311a630c6699d89ff1297185f47b030d3f959a66784bb0b1eb119a17e2f1b6
- SHA512
  
  4ef1f05f1e6d2bd99e05bb1cb02bf5498e8ddd41a5076ba982807bb4ba5fcea2ab3d7c191c3ade7daa0e7fd65538d536883a23829eb828c285719cca5c61e2f5
- SSDEEP
  
  6144:ipXNkWAoQm+PMBMxsNixbVvPxx7GcJac212xorx+gp4FWDpnuUgMavx7tedqpW1C:ZvoQmq7sNiLvZLw2usgp4FWD9gNfWM
Score

10^/10

vidar 6249428d98f616f0a52a7f6e4d9f589d discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Vidar family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2