vidar | 3b6e6dd6f6f60ee84cac63e5bb842f23fe982bf0bf6ffed7b39fc44101ec196f | Triage

Sharing

General

Target

212-0-0x0000000000400000-0x0000000000429000-memory.dmp
Size

164KB
Sample

250420-ktwbzasrt7
MD5

444553031db8781ea574530c23b80d87
SHA1

bfcc0cd902ee7d844c9c6feafe732bdde2b0ed4b
SHA256

3b6e6dd6f6f60ee84cac63e5bb842f23fe982bf0bf6ffed7b39fc44101ec196f
SHA512

564c07337bf63a23a5aad15f22e9917aeb076e21be85973651598ff4ac79ff43ed6273b3a4845bb4807ca6b72783d83a0ec1027c9632d03b519002ec182f4037
SSDEEP

3072:aVvH8RuVrLyEj/S2CUGACcceJd/klDHa/R8mxu3s8Q6Gu:KH8RuRLlzgUd6a/Asl6Gu

Score

10^/10

vidar c466785b3a34d7b3c4d6db04a068b664 discovery stealer

Malware Config

Extracted

Family

vidar

Version

13.5

Botnet

c466785b3a34d7b3c4d6db04a068b664

C2

https://t.me/v00rd

https://steamcommunity.com/profiles/76561199846773220

Attributes

user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0.0

Targets

- Target
  
  212-0-0x0000000000400000-0x0000000000429000-memory.dmp
- Size
  
  164KB
- MD5
  
  444553031db8781ea574530c23b80d87
- SHA1
  
  bfcc0cd902ee7d844c9c6feafe732bdde2b0ed4b
- SHA256
  
  3b6e6dd6f6f60ee84cac63e5bb842f23fe982bf0bf6ffed7b39fc44101ec196f
- SHA512
  
  564c07337bf63a23a5aad15f22e9917aeb076e21be85973651598ff4ac79ff43ed6273b3a4845bb4807ca6b72783d83a0ec1027c9632d03b519002ec182f4037
- SSDEEP
  
  3072:aVvH8RuVrLyEj/S2CUGACcceJd/klDHa/R8mxu3s8Q6Gu:KH8RuRLlzgUd6a/Asl6Gu
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerc466785b3a34d7b3c4d6db04a068b664vidar

behavioral1

behavioral2