vidar

General

Target

JaffaCakes118_a004b52b11b80374d71efe24af3b7e9becf5a1dfff247702d7c618dba42b4ff9
Size

761.7MB
Sample

241229-kalnesxlg1
MD5

7aa189dff927c05f23dff30315accf4e
SHA1

b4cc8b99c45f002e94bd55204b345497311fd426
SHA256

a004b52b11b80374d71efe24af3b7e9becf5a1dfff247702d7c618dba42b4ff9
SHA512

e48d4777795b0239d33df45137534d620ab6843c9bec63310ecd5c2f7b2542efcc7d0f092fd27cedc55f87e6bbe171777e76bf2f15a3a609f6a79f2244ee0717
SSDEEP

6144:Q6RW4BEjBMxsNixbVvPxx7GcJac212xorx+gp4FWDpnuUgMavx7tedqpW9b:QKW4VsNiLvZLw2usgp4FWD9gNfWd

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

3.3

Botnet

6249428d98f616f0a52a7f6e4d9f589d

C2

https://steamcommunity.com/profiles/76561199492257783

https://t.me/justsometg

Attributes

profile_id_v2
6249428d98f616f0a52a7f6e4d9f589d
user_agent
Mozilla/5.0 (X11; Linux 3.5.4-1-ARCH i686; es) KHTML/4.9.1 (like Gecko) Konqueror/4.9

Targets

- Target
  
  JaffaCakes118_a004b52b11b80374d71efe24af3b7e9becf5a1dfff247702d7c618dba42b4ff9
- Size
  
  761.7MB
- MD5
  
  7aa189dff927c05f23dff30315accf4e
- SHA1
  
  b4cc8b99c45f002e94bd55204b345497311fd426
- SHA256
  
  a004b52b11b80374d71efe24af3b7e9becf5a1dfff247702d7c618dba42b4ff9
- SHA512
  
  e48d4777795b0239d33df45137534d620ab6843c9bec63310ecd5c2f7b2542efcc7d0f092fd27cedc55f87e6bbe171777e76bf2f15a3a609f6a79f2244ee0717
- SSDEEP
  
  6144:Q6RW4BEjBMxsNixbVvPxx7GcJac212xorx+gp4FWDpnuUgMavx7tedqpW9b:QKW4VsNiLvZLw2usgp4FWD9gNfWd
Score

10^/10

vidar 6249428d98f616f0a52a7f6e4d9f589d discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Vidar family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2