vidar | b2042114e2ee61b73463fd7c7c5204e3a0a7db1b978969d05ac383a8996dd4ea | Triage

Sharing

General

Target

JaffaCakes118_b2042114e2ee61b73463fd7c7c5204e3a0a7db1b978969d05ac383a8996dd4ea
Size

787.9MB
Sample

241230-ckct9strb1
MD5

be8ae0d04e5bd79ff0696cc1c8e514f1
SHA1

62761a0121c1fbad4633eae063440dc27fd4c446
SHA256

b2042114e2ee61b73463fd7c7c5204e3a0a7db1b978969d05ac383a8996dd4ea
SHA512

52001d421ac3f5909829ef9543897344209af06b32a5e7b920133f9b12a77a5237e679511131c51bb03d43fc851a19c13a5626777e929d2ee6b48f7123082ee9
SSDEEP

196608:3zS5Qk2tZo846rosn5/Bsts7NGmzFBQNri:3+5T18hro2/BsKzzFBv

Score

10^/10

vidar c1d7ad01e8d504b6baf1b90679c3c7b6 discovery stealer vmprotect

Malware Config

Extracted

Family

vidar

Version

5.2

Botnet

c1d7ad01e8d504b6baf1b90679c3c7b6

C2

https://steamcommunity.com/profiles/76561199541261200

https://t.me/vookihhfd

https://t.me/booliiksws

https://t.me/odyssey_tg

Attributes

profile_id_v2
c1d7ad01e8d504b6baf1b90679c3c7b6
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.30 (KHTML, like Gecko) Chrome/115.0.1.0 Safari/537.30

Targets

- Target
  
  JaffaCakes118_b2042114e2ee61b73463fd7c7c5204e3a0a7db1b978969d05ac383a8996dd4ea
- Size
  
  787.9MB
- MD5
  
  be8ae0d04e5bd79ff0696cc1c8e514f1
- SHA1
  
  62761a0121c1fbad4633eae063440dc27fd4c446
- SHA256
  
  b2042114e2ee61b73463fd7c7c5204e3a0a7db1b978969d05ac383a8996dd4ea
- SHA512
  
  52001d421ac3f5909829ef9543897344209af06b32a5e7b920133f9b12a77a5237e679511131c51bb03d43fc851a19c13a5626777e929d2ee6b48f7123082ee9
- SSDEEP
  
  196608:3zS5Qk2tZo846rosn5/Bsts7NGmzFBQNri:3+5T18hro2/BsKzzFBv
Score

10^/10

vidar c1d7ad01e8d504b6baf1b90679c3c7b6 discovery stealer vmprotect
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidarc1d7ad01e8d504b6baf1b90679c3c7b6discoverystealervmprotect

behavioral2

vidarc1d7ad01e8d504b6baf1b90679c3c7b6discoverystealervmprotect