General
-
Target
e5a939c65846d7edff128f8b5274211c8b22c6b190c4e3b356a72a058ba07a73
-
Size
596KB
-
Sample
210926-sxqvnafah5
-
MD5
c573ffc3c0d6ab1bfea2196040739002
-
SHA1
62ec2fc07f1b1e16e92d34090e5ff5cfe7fb17b2
-
SHA256
e5a939c65846d7edff128f8b5274211c8b22c6b190c4e3b356a72a058ba07a73
-
SHA512
007816d83d4d360b486f073faab1da659560e44ea3a4956caae9175a7d3238e659e4ab8bc0214b794c766237ddc4866a6c9c7efb9ae0feba6dc06b3de9d11d50
Malware Config
Targets
-
-
Target
e5a939c65846d7edff128f8b5274211c8b22c6b190c4e3b356a72a058ba07a73
-
Size
596KB
-
MD5
c573ffc3c0d6ab1bfea2196040739002
-
SHA1
62ec2fc07f1b1e16e92d34090e5ff5cfe7fb17b2
-
SHA256
e5a939c65846d7edff128f8b5274211c8b22c6b190c4e3b356a72a058ba07a73
-
SHA512
007816d83d4d360b486f073faab1da659560e44ea3a4956caae9175a7d3238e659e4ab8bc0214b794c766237ddc4866a6c9c7efb9ae0feba6dc06b3de9d11d50
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-