MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d44fa79abd7943173424a0efc3fb6cedf586a5ce012354dd1deb008143ed9abb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Vidar


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments 1
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: d44fa79abd7943173424a0efc3fb6cedf586a5ce012354dd1deb008143ed9abb
SHA3-384 hash: 527d8f46bd0425c277c0599f7dae60e9e16633ff40827134e74660692de5c17bf898b8295a3cbe570fff8f96aa073cba
SHA1 hash: 2863906f86e49f95f17e15dafa2150ef4f1dab63
MD5 hash: 3cef81985e8c577e4c012568ac97f275
humanhash: early-undress-princess-wisconsin
File name:Tile-Sc3m[b0ot]2r.zip
Download: download sample
Signature Vidar
Create hunting rule
File size:11'438'408 bytes
First seen:2026-03-01 12:04:23 UTC
Last seen:2026-03-04 02:08:34 UTC
File type: zip
MIME type:application/zip
Note:This file is a password protected archive. The password is: 1709
ssdeep 196608:XYCqvgy/5SeEysJNi6c84J9Lk3GTaCj39NQXYwBz6TJ1n/fYt1iHKG7ADSd9y+v:Xu75SrYC2mgQXY46TJ1YPi5AMfv
TLSH T177B63336A5C4712951C3C18474729A2CEDC15D2EA5A7DCFC8C16E53AB330A5DBBBCAC8
Magika zip
Reporter burger
Tags:pw-1709 vidar zip

Intelligence

File Origin
# of uploads :
2
# of downloads :
106
Origin country :
NL NL
File Archive Information

This file archive contains 1 file(s), sorted by their relevance:

File name:Tile-Sc3m[b0ot]1r.zip
File size:11'439'041 bytes
SHA256 hash: 52fa55ccc3a3903658d4211d0fefb06df1251535509a4369903f87edb06fdc68
MD5 hash: 9918b92753eaf66a95c0cb072d838f29
MIME type:application/zip
Signature Vidar
Vendor Threat Intelligence
Details
Link:
https://research.acce.ciphertechsolutions.com/results/30872f17-50c7-4670-bf8d-0e8fc71c8614/
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69a42bb5c950ab5d9ab2f97a
Tags:
n/a
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/d44fa79abd7943173424a0efc3fb6cedf586a5ce012354dd1deb008143ed9abb
Result
Verdict:
UNKNOWN
Link:
https://labs.inquest.net/dfi/sha256/d44fa79abd7943173424a0efc3fb6cedf586a5ce012354dd1deb008143ed9abb
Verdict:
Unknown
File Type:
zip
Link:
https://opentip.kaspersky.com/d44fa79abd7943173424a0efc3fb6cedf586a5ce012354dd1deb008143ed9abb/results?tab=lookup
Verdict:
inconclusive
YARA:
2 match(es)
Tags:
Zip Archive
Link:
https://app.malva.re/file/3cef81985e8c577e4c012568ac97f275
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/d44fa79abd7943173424a0efc3fb6cedf586a5ce012354dd1deb008143ed9abb/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=2rh2pgv5pfbronbeudx4h63m5x2ynjooaervjxi55maicq7ntk5q._file
Result
Malware family:
vidar
Create hunting rule
Score:
  10/10
Tags:
family:vidar discovery persistence privilege_escalation stealer
Link:
https://tria.ge/reports/260301-rtq6ksdx7a/
Behaviour
Detects Vidar Stealer
Vidar
Vidar family
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.20
Link:
https://yomi.yoroi.company/submissions/d44fa79abd7943173424a0efc3fb6cedf586a5ce012354dd1deb008143ed9abb

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments


Avatar
commented on 2026-03-04 02:09:38 UTC

Was gonna submit this and saw burger the goat already did🔥🔥