Vidar Stealer: An In-depth Analysis of an Information-Stealing Malware

June 4, 2024, 2:01 p.m.

Description

Vidar Stealer is a potent malware written in C++, capable of stealing a wide range of data from the compromised system. Vidar Stealer targets user’s personal data, web-browser data, cryptocurrency wallets, financial data, sensitive files within user directories, communication applications, process explorer data, network communications, and more. This customizable malware is being sold on the dark web and underground forums as a malware-as-a-service, and leveraging the social media platforms as their part of C2 infrastructure to get details such as IP address, instructions, updates, and downloads.

External References

https://www.cyfirma.com/research/vidar-stealer-an-in-depth-analysis-of-an-information-stealing-malware/
https://otx.alienvault.com/pulse/665f13ec3414ba8d31445746
Tags
malware
persistence
2024-06-04
c2

Date

  • Created: June 4, 2024, 1:17 p.m.
  • Published: June 4, 2024, 1:17 p.m.
  • Modified: June 4, 2024, 2:01 p.m.

Indicators

  • fed19121e9d547d9762e7aa6dd53e0756c414bd0a0650e38d6b0c01b000ad2fc
  • 036a57102385d7f0d7b2deacf932c1c372ae30d924365b7a88f8a26657dd7550
  • 91.107.221.88
  • 65.108.55.55
  • https://t.me/k0mono
  • https://steamcommunity.com/profiles/76561199686524322
Download all indicators here!

Attack Patterns

  • ALF:Trojan:Win32/VidarStealer