vidar

Resubmissions

01-07-2024 01:15

240701-bmewza1hkh 10

01-07-2024 01:09

240701-bhv3dsvcpn 10

Sharing

Copy URL

Twitter E-mail

General

Target

https://www.mediafire.com/file/49cvufrqqhv4gqo/Ṕ@ṨṨḴḙyĦīṥẏḛ_Ṕ@ṨṨḴḙy_Setup3.rar/file
Sample

240701-bhv3dsvcpn

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

7.7

Botnet

c70f482a18aea356c95e9e64e49355be

https://5.75.209.125

https://t.me/newagev

https://steamcommunity.com/profiles/76561199631487327

Attributes

profile_id_v2
c70f482a18aea356c95e9e64e49355be

Targets

- Target
  
  https://www.mediafire.com/file/49cvufrqqhv4gqo/Ṕ@ṨṨḴḙyĦīṥẏḛ_Ṕ@ṨṨḴḙy_Setup3.rar/file
Score

10^/10

vidar c70f482a18aea356c95e9e64e49355be stealer
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Detect Vidar Stealer

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

urlscan1

behavioral1