vidar | e772feb82fbe1ae2d0a157d1c3911e25744f5877d508ec32536e03b0c59bc582 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

e772feb82fbe1ae2d0a157d1c3911e25744f5877d508ec32536e03b0c59bc582
Size

1.5MB
Sample

210926-2hecrafcgm
MD5

ad2abd31423102dc67fc8bc207584e9b
SHA1

ddf00ff18ca8497a51f1c4bfb9e9ce18df131952
SHA256

e772feb82fbe1ae2d0a157d1c3911e25744f5877d508ec32536e03b0c59bc582
SHA512

77e95e63c7fd6797595d700c05fa0ebb8cee0e30de25ea5c6f75e85a861922a13c9c4842dfcbaf9f1b3ff7872cdb09d7c641d46e3a0b458e258620aad4b4c093

Score

10^/10

vidar spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

e772feb82fbe1ae2d0a157d1c3911e25744f5877d508ec32536e03b0c59bc582.exe

Resource

win10v20210408

vidar spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  e772feb82fbe1ae2d0a157d1c3911e25744f5877d508ec32536e03b0c59bc582
- Size
  
  1.5MB
- MD5
  
  ad2abd31423102dc67fc8bc207584e9b
- SHA1
  
  ddf00ff18ca8497a51f1c4bfb9e9ce18df131952
- SHA256
  
  e772feb82fbe1ae2d0a157d1c3911e25744f5877d508ec32536e03b0c59bc582
- SHA512
  
  77e95e63c7fd6797595d700c05fa0ebb8cee0e30de25ea5c6f75e85a861922a13c9c4842dfcbaf9f1b3ff7872cdb09d7c641d46e3a0b458e258620aad4b4c093
Score

10^/10

vidar spyware stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidarspywarestealer

© 2018-2024

Terms | Privacy