ThreatFox IOC Database

You are viewing the ThreatFox database entry for sha256_hash 3458048c42c12cafbf778d3bec34a692b151862af456012b7e01cc50ec1a2097.

Database Entry

IOC ID:	1775104
IOC:	3458048c42c12cafbf778d3bec34a692b151862af456012b7e01cc50ec1a2097
IOC Type :	sha256_hash
Threat Type :	payload
Malware:	Vidar
Confidence Level :	Confidence level is high (100%)
Is compromised? :	False
First seen:	2026-03-25 06:41:25 UTC
Last seen:	never
UUID:	aa31d3e0-27be-11f1-9af6-42010aa4000a
Reporter	Lenny_3BO
Reward	5 credits from ThreatFox
Tags:	ClickFix stealer Vidar

Lenny_3BO

Vidar Stealer native x64 implant. Runtime API resolution, per-field XOR config (12 keys). C2: 5.9.170.143:443 (Hetzner). Targets FileZilla creds, crypto wallets. Multipart form-data exfiltration.