vidar | 7207b1ba93da1c2ffc74c49605e9d8299047dfad67515622ba9a9432d647bdfa | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

7207b1ba93da1c2ffc74c49605e9d8299047dfad67515622ba9a9432d647bdfa
Size

1.5MB
Sample

210926-1r7vzsfdc5
MD5

be08cb557979e1056d76383b1612ff51
SHA1

54b55a2a6125696738db027ebee3bae6c2db2723
SHA256

7207b1ba93da1c2ffc74c49605e9d8299047dfad67515622ba9a9432d647bdfa
SHA512

ab86ae48aa6759bdf705025bd5c563aba910c22cc2380eccb1409b05c435304d9042d19e82a45f9fb86b63a5cf78457602b44ff3385ebca3282c291e24117ed2

Score

10^/10

vidar spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

7207b1ba93da1c2ffc74c49605e9d8299047dfad67515622ba9a9432d647bdfa.exe

Resource

win10-en-20210920

vidar spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  7207b1ba93da1c2ffc74c49605e9d8299047dfad67515622ba9a9432d647bdfa
- Size
  
  1.5MB
- MD5
  
  be08cb557979e1056d76383b1612ff51
- SHA1
  
  54b55a2a6125696738db027ebee3bae6c2db2723
- SHA256
  
  7207b1ba93da1c2ffc74c49605e9d8299047dfad67515622ba9a9432d647bdfa
- SHA512
  
  ab86ae48aa6759bdf705025bd5c563aba910c22cc2380eccb1409b05c435304d9042d19e82a45f9fb86b63a5cf78457602b44ff3385ebca3282c291e24117ed2
Score

10^/10

vidar spyware stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidarspywarestealer

© 2018-2024

Terms | Privacy