Vidar Stealer: An In-depth Analysis of an Information-Stealing Malware

June 4, 2024, 2:01 p.m.

Description

Vidar Stealer is a potent malware written in C++ that can steal a wide range of data from a compromised system. It targets users' personal data, web-browser data, cryptocurrency wallets, financial data, sensitive files within user directories, communication applications, process explorer data, network communications, and more. This customizable malware is sold on the dark web and underground forums as malware-as-a-service, and it leverages social media platforms as part of its C2 infrastructure to obtain details such as the C2 IP address, instructions, updates, and downloads.

Date

Published: June 4, 2024, 1:17 p.m.

Created: June 4, 2024, 1:17 p.m.

Modified: June 4, 2024, 2:01 p.m.

Indicators


Attack Patterns

ALF:Trojan:Win32/VidarStealer

T1564.001 - Hide Artifacts: Hidden Files and Directories

T1497 - Virtualization/Sandbox Evasion

T1071.001 - Application Layer Protocol: Web Protocols

T1204.002 - User Execution: Malicious File

T1083 - File and Directory Discovery

T1055 - Process Injection

T1592 - Gather Victim Host Information

T1140 - Deobfuscate/Decode Files or Information

T1041 - Exfiltration Over C2 Channel