Overview

overview

10

Static

static

3

main.exe

windows7-x64

10

main.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    main.exe

  • Size

    7.8MB

  • Sample

    250214-tda6jaspfr

  • MD5

    b832f691167d662eb0605285e569dadc

  • SHA1

    9154d327115ee9bbf21e0b1b75370c854671f1f7

  • SHA256

    c9ecda2fdc1e8da35a56810d008d7cf0cb6e440aea7f3e2357fa2562f2ecb2a4

  • SHA512

    dda0021fa448525ba92580694204022ae87ce85a37c858640eb540410fe727bd0c8e5932a9edcdd30d77ffbd3df9eea0639553f045bb7e420ee6a60b59b5f61a

  • SSDEEP

    98304:oMA0PZiOM4M7vToZHfESt71zSU1MDX2fz:9AyzZ/bt713+X2

Score
10/10
vidarcredential_accessdiscoverystealer

Malware Config

Extracted

Family

vidar

C2

https://t.me/b4cha00

https://steamcommunity.com/profiles/76561199825403037
Attributes
  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:137.0) Gecko/20100101 Firefox/137.0

Targets

    • Target

      main.exe

    • Size

      7.8MB

    • MD5

      b832f691167d662eb0605285e569dadc

    • SHA1

      9154d327115ee9bbf21e0b1b75370c854671f1f7

    • SHA256

      c9ecda2fdc1e8da35a56810d008d7cf0cb6e440aea7f3e2357fa2562f2ecb2a4

    • SHA512

      dda0021fa448525ba92580694204022ae87ce85a37c858640eb540410fe727bd0c8e5932a9edcdd30d77ffbd3df9eea0639553f045bb7e420ee6a60b59b5f61a

    • SSDEEP

      98304:oMA0PZiOM4M7vToZHfESt71zSU1MDX2fz:9AyzZ/bt713+X2

    Score
    10/10
    vidardiscoverystealercredential_access

    • Detect Vidar Stealer

      stealer

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Vidar family

      vidar

    • Downloads MZ/PE file

    • Uses browser remote debugging

      Can be used control the browser and steal sensitive information such as credentials and session cookies.

      credential_accessstealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks