General
-
Target
9f824ff399608407e4e7ea9e2a2618f270690bc480c49d33e6bd4d2659b33035
-
Size
597KB
-
Sample
210926-tnr7ssfbc3
-
MD5
ecff6d0ab341e19e7dbf57b87180a3d7
-
SHA1
826113d5d694e98af57592b7dbae9a0ec18050bb
-
SHA256
9f824ff399608407e4e7ea9e2a2618f270690bc480c49d33e6bd4d2659b33035
-
SHA512
4ce0c6caa18c01bb77384848400b4124f205446c7234c72f6fcd7e486d429812871938777da604fcf2c69bd106fdbdfcbae982cafb0a4df1329ec8792ca5e101
Malware Config
Targets
-
-
Target
9f824ff399608407e4e7ea9e2a2618f270690bc480c49d33e6bd4d2659b33035
-
Size
597KB
-
MD5
ecff6d0ab341e19e7dbf57b87180a3d7
-
SHA1
826113d5d694e98af57592b7dbae9a0ec18050bb
-
SHA256
9f824ff399608407e4e7ea9e2a2618f270690bc480c49d33e6bd4d2659b33035
-
SHA512
4ce0c6caa18c01bb77384848400b4124f205446c7234c72f6fcd7e486d429812871938777da604fcf2c69bd106fdbdfcbae982cafb0a4df1329ec8792ca5e101
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-