vidar | c9ed91a8bbdcccda38901f1a70590c8ecb9c813109922b3465471d678cc20868 | Triage

Sharing

General

Target

Filmwor.exe
Size

4.9MB
Sample

250202-2jkk6aspfr
MD5

a6974982ceb1a656f6db988828842d87
SHA1

9fbd537a58f1a2f9ee78b4278413ba091ca65cfa
SHA256

c9ed91a8bbdcccda38901f1a70590c8ecb9c813109922b3465471d678cc20868
SHA512

6facd84a6d4622b1c435bf9f77dd7bf4fb5fef222e97e58a62961f571654ad45c0a287195827567ffb17bf26746097577f19638286ac92af0eaf4c9398b82a83
SSDEEP

49152:0T8pWSX5MEq9/DD9dnEtVv2+QVGeWX0iZsml4eGMrEqAtuShOuInfmuh9cHlV/2F:0aWcHiDDjKV9e233y0ZwfK

Score

10^/10

vidar discovery stealer

Malware Config

Extracted

Family

vidar

C2

https://t.me/m08mbk

https://steamcommunity.com/profiles/76561199820567237

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:136.0) Gecko/20100101 Firefox/136.0

Targets

- Target
  
  Filmwor.exe
- Size
  
  4.9MB
- MD5
  
  a6974982ceb1a656f6db988828842d87
- SHA1
  
  9fbd537a58f1a2f9ee78b4278413ba091ca65cfa
- SHA256
  
  c9ed91a8bbdcccda38901f1a70590c8ecb9c813109922b3465471d678cc20868
- SHA512
  
  6facd84a6d4622b1c435bf9f77dd7bf4fb5fef222e97e58a62961f571654ad45c0a287195827567ffb17bf26746097577f19638286ac92af0eaf4c9398b82a83
- SSDEEP
  
  49152:0T8pWSX5MEq9/DD9dnEtVv2+QVGeWX0iZsml4eGMrEqAtuShOuInfmuh9cHlV/2F:0aWcHiDDjKV9e233y0ZwfK
Score

10^/10

vidar discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidardiscoverystealer

behavioral2

vidardiscoverystealer