vidar | 83e56c9a83600499d533e2651fba71444e660fdb32985edebc6b4c19135ab482 | Triage

Submit
Reports

Overview

overview

Static

static

1

2025-02-05...ch.exe

windows7-x64

2025-02-05...ch.exe

windows10-2004-x64

Sharing

General

Target

2025-02-05_ec10aad9f32bb3a47d3c87b555eb36a6_frostygoop_hijackloader_poet-rat_snatch
Size

4.5MB
Sample

250205-2fln2swqbk
MD5

ec10aad9f32bb3a47d3c87b555eb36a6
SHA1

d1c644033f6f1970d6d0f69b9ccc47b80a849a16
SHA256

83e56c9a83600499d533e2651fba71444e660fdb32985edebc6b4c19135ab482
SHA512

0023b792b6dd4812177704f3c745c8fe37e6e42919ffda6df55c6fa4173f72de0423d34dd822e73e044e678cb32c5ad4487dd90196f47e8601cc8e30fb1f3de5
SSDEEP

49152:iYAyOIfdsbFR+ywdYFe0vLTj8TLVwl9q3PnPkGVzM2c4SQjFf6x1to3:i7yOMQR+ywWw04T5nmujMo3

Score

10^/10

vidar discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

2025-02-05_ec10aad9f32bb3a47d3c87b555eb36a6_frostygoop_hijackloader_poet-rat_snatch.exe

Resource

win7-20240903-en

vidar discovery stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-02-05_ec10aad9f32bb3a47d3c87b555eb36a6_frostygoop_hijackloader_poet-rat_snatch.exe

Resource

win10v2004-20250129-en

vidar discovery stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

vidar

C2

https://t.me/sok33tn

https://steamcommunity.com/profiles/76561199824159981

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:136.0) Gecko/20100101 Firefox/136.0

Targets

- Target
  
  2025-02-05_ec10aad9f32bb3a47d3c87b555eb36a6_frostygoop_hijackloader_poet-rat_snatch
- Size
  
  4.5MB
- MD5
  
  ec10aad9f32bb3a47d3c87b555eb36a6
- SHA1
  
  d1c644033f6f1970d6d0f69b9ccc47b80a849a16
- SHA256
  
  83e56c9a83600499d533e2651fba71444e660fdb32985edebc6b4c19135ab482
- SHA512
  
  0023b792b6dd4812177704f3c745c8fe37e6e42919ffda6df55c6fa4173f72de0423d34dd822e73e044e678cb32c5ad4487dd90196f47e8601cc8e30fb1f3de5
- SSDEEP
  
  49152:iYAyOIfdsbFR+ywdYFe0vLTj8TLVwl9q3PnPkGVzM2c4SQjFf6x1to3:i7yOMQR+ywWw04T5nmujMo3
Score

10^/10

vidar discovery stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidardiscoverystealer

behavioral2

vidardiscoverystealer

© 2018-2025

Terms | Privacy