General
-
Target
86b8e5e4868bd3d427a2aaa35d362660a8624315227ce.exe
-
Size
675KB
-
Sample
210506-jdy53aewgj
-
MD5
7b664652debf14435f7cd8c2cc6fc0da
-
SHA1
b4fda1962c48c2eeae8bd995b4c7087d54fc17e6
-
SHA256
86b8e5e4868bd3d427a2aaa35d362660a8624315227cee5c607f7458e467b2c7
-
SHA512
e2c6485a751eb2dce80116d4f8a1fcb7fd1f6361101c8eee4ea7241e8625aeb4b05f1df029faab44b49b7df241288d642e578d7fdb216546753d6f4af366a8da
Malware Config
Targets
-
-
Target
86b8e5e4868bd3d427a2aaa35d362660a8624315227ce.exe
-
Size
675KB
-
MD5
7b664652debf14435f7cd8c2cc6fc0da
-
SHA1
b4fda1962c48c2eeae8bd995b4c7087d54fc17e6
-
SHA256
86b8e5e4868bd3d427a2aaa35d362660a8624315227cee5c607f7458e467b2c7
-
SHA512
e2c6485a751eb2dce80116d4f8a1fcb7fd1f6361101c8eee4ea7241e8625aeb4b05f1df029faab44b49b7df241288d642e578d7fdb216546753d6f4af366a8da
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Downloads MZ/PE file
-
Deletes itself
-
Loads dropped DLL
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-