vidar | d7d05573e26cf40978ecbccb62c1adaf4c2363f5463cc96dc50765da6157aff6 | Triage

Sharing

General

Target

random.exe
Size

10.1MB
Sample

250201-y6cx2synbx
MD5

c57c72458776a0b6a653f6c828c229f2
SHA1

2f993c6a8499b360dec51240d0b6c5faff561c80
SHA256

d7d05573e26cf40978ecbccb62c1adaf4c2363f5463cc96dc50765da6157aff6
SHA512

5678f7bf398e944d9d60876cb3dad8114c0ea71604488c72ba0f0e552629c5a231aa0b1be7b9459921486061656fa7741bd9b8379c457ae3db943d738bfb5cb0
SSDEEP

768:BQYZRf5c58TQppBw0t/9edP/IX6X/Ab0t/9eR:sdo/GX6Xk/R

Score

10^/10

vidar discovery stealer

Malware Config

Extracted

Family

vidar

C2

https://t.me/m08mbk

https://steamcommunity.com/profiles/76561199820567237

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:136.0) Gecko/20100101 Firefox/136.0

Targets

- Target
  
  random.exe
- Size
  
  10.1MB
- MD5
  
  c57c72458776a0b6a653f6c828c229f2
- SHA1
  
  2f993c6a8499b360dec51240d0b6c5faff561c80
- SHA256
  
  d7d05573e26cf40978ecbccb62c1adaf4c2363f5463cc96dc50765da6157aff6
- SHA512
  
  5678f7bf398e944d9d60876cb3dad8114c0ea71604488c72ba0f0e552629c5a231aa0b1be7b9459921486061656fa7741bd9b8379c457ae3db943d738bfb5cb0
- SSDEEP
  
  768:BQYZRf5c58TQppBw0t/9edP/IX6X/Ab0t/9eR:sdo/GX6Xk/R
Score

10^/10

vidar discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Downloads MZ/PE file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidardiscoverystealer

behavioral2

vidardiscoverystealer