vidar | 4c26451e5cd2d6891ab3652eeab343e3af18236c96dc2bdf4ac3d365ce9d3bf8 | Triage

Sharing

General

Target

JaffaCakes118_4c26451e5cd2d6891ab3652eeab343e3af18236c96dc2bdf4ac3d365ce9d3bf8
Size

704KB
Sample

241229-3vve6s1kex
MD5

3c7d63056499edeff545f1a23b524c03
SHA1

701332669dff4e06361987d4c02803441cc5738d
SHA256

4c26451e5cd2d6891ab3652eeab343e3af18236c96dc2bdf4ac3d365ce9d3bf8
SHA512

c0f16ce4653fb596ce691aad098006cdb34da64c54c1cdcccd6b243588bcfc0dc6ad4af5aad8165082d4cce805ae6031dfbb0e2a464616e216873c425861b4c4
SSDEEP

12288:84xeLkAJCd+4iOsr95DOtStgsrQL4YuXsh2yO+hfq3Rb7NVireu/P/k0J+/wxJqV:VvZU70ZzHnwmPwl1r3PgS4hlZ02y+Wiy

Score

10^/10

vidar 1149 discovery stealer

Malware Config

Extracted

Family

vidar

Version

50.1

Botnet

1149

C2

https://mastodon.online/@k1llerniax

https://koyu.space/@k1llerni2x

Attributes

profile_id
1149

Targets

- Target
  
  JaffaCakes118_4c26451e5cd2d6891ab3652eeab343e3af18236c96dc2bdf4ac3d365ce9d3bf8
- Size
  
  704KB
- MD5
  
  3c7d63056499edeff545f1a23b524c03
- SHA1
  
  701332669dff4e06361987d4c02803441cc5738d
- SHA256
  
  4c26451e5cd2d6891ab3652eeab343e3af18236c96dc2bdf4ac3d365ce9d3bf8
- SHA512
  
  c0f16ce4653fb596ce691aad098006cdb34da64c54c1cdcccd6b243588bcfc0dc6ad4af5aad8165082d4cce805ae6031dfbb0e2a464616e216873c425861b4c4
- SSDEEP
  
  12288:84xeLkAJCd+4iOsr95DOtStgsrQL4YuXsh2yO+hfq3Rb7NVireu/P/k0J+/wxJqV:VvZU70ZzHnwmPwl1r3PgS4hlZ02y+Wiy
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealer1149vidar

behavioral1

behavioral2