vidar | 590890f9b90b0485a47fd34d27534bbaf58dba0576512f145b03c9284e2ecae9 | Triage

Sharing

General

Target

tvhaqk.exe
Size

34KB
Sample

250201-zjrncszkd1
MD5

07247639cd83d2e78aabc831240f4c51
SHA1

7ba160b67773c450d59a41bdf3179ed4ca097287
SHA256

590890f9b90b0485a47fd34d27534bbaf58dba0576512f145b03c9284e2ecae9
SHA512

67f0d2d6ec2ec2a0e14d85431e2262f56fb1c02592a943340fc786ae69e8449d8fe59ee368bede270d4c951bd53a1c14ba48321a2f027da0bb2e7afa2aed8f06
SSDEEP

768:ib7UN5sVdbREulXGUchLHcpJeb2sVaAgNrJstfe:2UNOfbR1XRs8pJe6ug7

Score

10^/10

vidar discovery stealer

Malware Config

Extracted

Family

vidar

C2

https://t.me/m08mbk

https://steamcommunity.com/profiles/76561199820567237

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:136.0) Gecko/20100101 Firefox/136.0

Targets

- Target
  
  tvhaqk.exe
- Size
  
  34KB
- MD5
  
  07247639cd83d2e78aabc831240f4c51
- SHA1
  
  7ba160b67773c450d59a41bdf3179ed4ca097287
- SHA256
  
  590890f9b90b0485a47fd34d27534bbaf58dba0576512f145b03c9284e2ecae9
- SHA512
  
  67f0d2d6ec2ec2a0e14d85431e2262f56fb1c02592a943340fc786ae69e8449d8fe59ee368bede270d4c951bd53a1c14ba48321a2f027da0bb2e7afa2aed8f06
- SSDEEP
  
  768:ib7UN5sVdbREulXGUchLHcpJeb2sVaAgNrJstfe:2UNOfbR1XRs8pJe6ug7
Score

10^/10

vidar discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Downloads MZ/PE file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidardiscoverystealer

behavioral2

vidardiscoverystealer