Vidar Stealer: An In-depth Analysis of an Information-Stealing Malware
June 4, 2024, 2:01 p.m.
Description
Vidar Stealer is a potent malware written in C++, capable of stealing a wide range of data from the compromised system. Vidar Stealer targets users' personal data, web-browser data, cryptocurrency wallets, financial data, sensitive files within user directories, communication applications, process explorer data, network communications, and more. This customizable malware is sold on the dark web and underground forums as malware-as-a-service, and it leverages social media platforms as part of its C2 infrastructure to obtain details such as the C2 IP address, instructions, updates, and downloads.
Date
Published: June 4, 2024, 1:17 p.m.
Created: June 4, 2024, 1:17 p.m.
Modified: June 4, 2024, 2:01 p.m.
Indicators
Attack Patterns
ALF:Trojan:Win32/VidarStealer
T1564.001
T1497
T1071.001
T1204.002
T1083
T1055
T1592
T1140
T1041