vidar

General

Target

JaffaCakes118_842a10949c58cd84f63a34e47bf35b211df2898ea271384dead2356846a0f622
Size

761.7MB
Sample

241225-qbc1katmhm
MD5

89f1246572eef55c6b2deba409d70f7d
SHA1

876d549cba29927edebe236d88df8b5a7a2c1a19
SHA256

842a10949c58cd84f63a34e47bf35b211df2898ea271384dead2356846a0f622
SHA512

4778e210d73de55f3811a4c0923f5e3be17d0ae15d6eefb07a91deeeff00758c951dcbeddf4d9e6685e1ed4233b93cf35d31cc3a7ee503b14e2cd40bbd520f63
SSDEEP

6144:HXWOdcSBQRd6yJ6EYrRY9hSuqm/VSSBYkq0/V7HbkrKJ9YJpR6:HXWOdcSBQRd6W8RY9hSuXVS0PVsUWq

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

2.7

Botnet

007a5a826e1987a4c12bf88e2b5031fe

C2

https://t.me/robertotalks

https://steamcommunity.com/profiles/76561199480821604

http://95.217.157.160:80

Attributes

profile_id_v2
007a5a826e1987a4c12bf88e2b5031fe
user_agent
Mozilla/5.0 (X11; CrOS x86_64 14685.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.4992.0 Safari/537.36

Targets

- Target
  
  JaffaCakes118_842a10949c58cd84f63a34e47bf35b211df2898ea271384dead2356846a0f622
- Size
  
  761.7MB
- MD5
  
  89f1246572eef55c6b2deba409d70f7d
- SHA1
  
  876d549cba29927edebe236d88df8b5a7a2c1a19
- SHA256
  
  842a10949c58cd84f63a34e47bf35b211df2898ea271384dead2356846a0f622
- SHA512
  
  4778e210d73de55f3811a4c0923f5e3be17d0ae15d6eefb07a91deeeff00758c951dcbeddf4d9e6685e1ed4233b93cf35d31cc3a7ee503b14e2cd40bbd520f63
- SSDEEP
  
  6144:HXWOdcSBQRd6yJ6EYrRY9hSuqm/VSSBYkq0/V7HbkrKJ9YJpR6:HXWOdcSBQRd6W8RY9hSuXVS0PVsUWq
Score

10^/10

vidar 007a5a826e1987a4c12bf88e2b5031fe discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Vidar family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2