vidar | 7fd3ae4a968045bd0e0d9771dd61ce738bfe6d4ff5b36443e4a3277502af233c | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

7fd3ae4a968045bd0e0d9771dd61ce738bfe6d4ff5b36443e4a3277502af233c
Size

1.5MB
Sample

210926-3qqlesfdar
MD5

d378033b07d0da4dcfed5f999b3e0467
SHA1

eb7b7a7715ec7d47fa26ded5172a2b3f2cd6fe03
SHA256

7fd3ae4a968045bd0e0d9771dd61ce738bfe6d4ff5b36443e4a3277502af233c
SHA512

3623d9e8cce5666c62ef7718ed9bc895b502977a7f4059359ed8dc43d46b9a3f3a32465842c75c6084edf124f210bf6eb29c55c2eef114ac915f817bc7ad1841

Score

10^/10

vidar spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

7fd3ae4a968045bd0e0d9771dd61ce738bfe6d4ff5b36443e4a3277502af233c.exe

Resource

win10-en-20210920

vidar spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  7fd3ae4a968045bd0e0d9771dd61ce738bfe6d4ff5b36443e4a3277502af233c
- Size
  
  1.5MB
- MD5
  
  d378033b07d0da4dcfed5f999b3e0467
- SHA1
  
  eb7b7a7715ec7d47fa26ded5172a2b3f2cd6fe03
- SHA256
  
  7fd3ae4a968045bd0e0d9771dd61ce738bfe6d4ff5b36443e4a3277502af233c
- SHA512
  
  3623d9e8cce5666c62ef7718ed9bc895b502977a7f4059359ed8dc43d46b9a3f3a32465842c75c6084edf124f210bf6eb29c55c2eef114ac915f817bc7ad1841
Score

10^/10

vidar spyware stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidarspywarestealer

© 2018-2024

Terms | Privacy