vidar | 0d1081cfdb08c95355dae27cf9d09eb98046ad899ca4f71b68da6c2dd7a760dd | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

0d1081cfdb08c95355dae27cf9d09eb98046ad899ca4f71b68da6c2dd7a760dd
Size

1.5MB
Sample

210926-14yg3sfdd4
MD5

140afbe7ce74a100dbb2682752db1e3e
SHA1

d3949eddee73e38e1e6abb16e1e966cd900174d1
SHA256

0d1081cfdb08c95355dae27cf9d09eb98046ad899ca4f71b68da6c2dd7a760dd
SHA512

64ac3e0ba7bf58dd37ebacae8891352a040fefd9bca8ccb088be59ae22ca757dd7895f4a70e6a2b647b38dfcb2c1af712a1212b1732df9601197a920796f9288

Score

10^/10

vidar spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

0d1081cfdb08c95355dae27cf9d09eb98046ad899ca4f71b68da6c2dd7a760dd.exe

Resource

win10-en-20210920

vidar spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0d1081cfdb08c95355dae27cf9d09eb98046ad899ca4f71b68da6c2dd7a760dd
- Size
  
  1.5MB
- MD5
  
  140afbe7ce74a100dbb2682752db1e3e
- SHA1
  
  d3949eddee73e38e1e6abb16e1e966cd900174d1
- SHA256
  
  0d1081cfdb08c95355dae27cf9d09eb98046ad899ca4f71b68da6c2dd7a760dd
- SHA512
  
  64ac3e0ba7bf58dd37ebacae8891352a040fefd9bca8ccb088be59ae22ca757dd7895f4a70e6a2b647b38dfcb2c1af712a1212b1732df9601197a920796f9288
Score

10^/10

vidar spyware stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidarspywarestealer

© 2018-2024

Terms | Privacy