vidar | a63f053082cd425d1713947ed6cb8cec4c1826eeea1c1c664544d9e0473a9b33 | Triage

Sharing

General

Target

80e578b117395ff1d0605d651e864012
Size

12.8MB
Sample

250401-e1vq5avr14
MD5

80e578b117395ff1d0605d651e864012
SHA1

dfc75d28b8a9142432584347bf8ba339f1c36876
SHA256

a63f053082cd425d1713947ed6cb8cec4c1826eeea1c1c664544d9e0473a9b33
SHA512

858748cd193ac82dc57259e12e8a146da257885d25d95a15f4d70c8c14d133e2527458a189a71f4e1b8542802f19036778adea6c1a1ae6b9f80cad6b0be9ec32
SSDEEP

98304:iJQoSAhT7MZdUXdgIUg4RnIc9PiJHsdR7h0GQxMGj8z6Po3jcX:yQongIinX2+hq8z6Q3G

Score

10^/10

vidar db4d8ec8cb147b1ab094d0158a4e7dbb discovery stealer

Malware Config

Extracted

Family

vidar

Version

12.5

Botnet

db4d8ec8cb147b1ab094d0158a4e7dbb

C2

https://t.me/w0ctzn

https://steamcommunity.com/profiles/76561199817305251

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0

Targets

- Target
  
  80e578b117395ff1d0605d651e864012
- Size
  
  12.8MB
- MD5
  
  80e578b117395ff1d0605d651e864012
- SHA1
  
  dfc75d28b8a9142432584347bf8ba339f1c36876
- SHA256
  
  a63f053082cd425d1713947ed6cb8cec4c1826eeea1c1c664544d9e0473a9b33
- SHA512
  
  858748cd193ac82dc57259e12e8a146da257885d25d95a15f4d70c8c14d133e2527458a189a71f4e1b8542802f19036778adea6c1a1ae6b9f80cad6b0be9ec32
- SSDEEP
  
  98304:iJQoSAhT7MZdUXdgIUg4RnIc9PiJHsdR7h0GQxMGj8z6Po3jcX:yQongIinX2+hq8z6Q3G
Score

10^/10

vidar db4d8ec8cb147b1ab094d0158a4e7dbb discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidardb4d8ec8cb147b1ab094d0158a4e7dbbdiscoverystealer