vidar | 6d0030447dc3fc41366201eb9dda90cc757998f7d907d40b957fc7d557fb16db | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

6d0030447dc3fc41366201eb9dda90cc757998f7d907d40b957fc7d557fb16db
Size

1.5MB
Sample

210926-vpf2lafahj
MD5

804409759ba2f568bb763dd9616b565a
SHA1

bb90a3edbf672979162a015a35cc6060af4cba8d
SHA256

6d0030447dc3fc41366201eb9dda90cc757998f7d907d40b957fc7d557fb16db
SHA512

f4b97682ca75c4dc1ed774e5dd7f9ed2aed48f7ecefdd30c0a479a8c18183a1c24b1775506ba6c65580adbf428125103cde2090626f3d79d66194d32b649c976

Score

10^/10

vidar spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

6d0030447dc3fc41366201eb9dda90cc757998f7d907d40b957fc7d557fb16db.exe

Resource

win10-en-20210920

vidar spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6d0030447dc3fc41366201eb9dda90cc757998f7d907d40b957fc7d557fb16db
- Size
  
  1.5MB
- MD5
  
  804409759ba2f568bb763dd9616b565a
- SHA1
  
  bb90a3edbf672979162a015a35cc6060af4cba8d
- SHA256
  
  6d0030447dc3fc41366201eb9dda90cc757998f7d907d40b957fc7d557fb16db
- SHA512
  
  f4b97682ca75c4dc1ed774e5dd7f9ed2aed48f7ecefdd30c0a479a8c18183a1c24b1775506ba6c65580adbf428125103cde2090626f3d79d66194d32b649c976
Score

10^/10

vidar spyware stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vidarspywarestealer

© 2018-2024

Terms | Privacy