vidar | 20b46a7eef82eb4d386f0d99ede335893e4c575375b1099eebd80c3e03373995 | Triage

Sharing

General

Target

JaffaCakes118_20b46a7eef82eb4d386f0d99ede335893e4c575375b1099eebd80c3e03373995
Size

386.2MB
Sample

241230-wwp4hsvnft
MD5

aab3756c7206c289853fdcbe903b7c43
SHA1

4f820b1e79aa30029acf17ccf541f7777429a8d2
SHA256

20b46a7eef82eb4d386f0d99ede335893e4c575375b1099eebd80c3e03373995
SHA512

519920af7a7e09b644a69650670b2a7d991c4c2d70087207c86bd76345c7f77b3f5874e0465ca334b6f99cff0513a2650eba99ee201b564366c4a968ad12503a
SSDEEP

12288:z3iT4g8QyU9npZv3z+qtVpK/gOUWKnfzHV8mB:z3i6i3SqtjKRu7

Score

10^/10

vidar 1657 discovery stealer

Malware Config

Extracted

Family

vidar

Version

55.3

Botnet

1657

C2

https://t.me/slivetalks

https://c.im/@xinibin420

http://195.201.252.190:80

Attributes

profile_id
1657

Targets

- Target
  
  JaffaCakes118_20b46a7eef82eb4d386f0d99ede335893e4c575375b1099eebd80c3e03373995
- Size
  
  386.2MB
- MD5
  
  aab3756c7206c289853fdcbe903b7c43
- SHA1
  
  4f820b1e79aa30029acf17ccf541f7777429a8d2
- SHA256
  
  20b46a7eef82eb4d386f0d99ede335893e4c575375b1099eebd80c3e03373995
- SHA512
  
  519920af7a7e09b644a69650670b2a7d991c4c2d70087207c86bd76345c7f77b3f5874e0465ca334b6f99cff0513a2650eba99ee201b564366c4a968ad12503a
- SSDEEP
  
  12288:z3iT4g8QyU9npZv3z+qtVpK/gOUWKnfzHV8mB:z3i6i3SqtjKRu7
Score

10^/10

discovery vidar 1657 stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

vidar1657discoverystealer