vidar | a5122216f5d478645a114af87eb793040e15b9fe0c99579435837af385fcd34d | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

a5122216f5d478645a114af87eb793040e15b9fe0c99579435837af385fcd34d
Size

1.5MB
Sample

210926-wsgb7sfbbp
MD5

8ffdf2d3fbc1da2663d9dcedda96bb2b
SHA1

60fe7e8adfbd16ec4d81cab6cdacb7adf1638474
SHA256

a5122216f5d478645a114af87eb793040e15b9fe0c99579435837af385fcd34d
SHA512

01b492ee3e4009030f0e858e2d2bb5194407685eedbfb8ee090cea392f9c5f6b76667dda46748214c577205028f9ce9ad97b6312c6c37dc6e4652e6e7656a909

Score

10^/10

vidar spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

a5122216f5d478645a114af87eb793040e15b9fe0c99579435837af385fcd34d.exe

Resource

win10-en-20210920

vidar spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  a5122216f5d478645a114af87eb793040e15b9fe0c99579435837af385fcd34d
- Size
  
  1.5MB
- MD5
  
  8ffdf2d3fbc1da2663d9dcedda96bb2b
- SHA1
  
  60fe7e8adfbd16ec4d81cab6cdacb7adf1638474
- SHA256
  
  a5122216f5d478645a114af87eb793040e15b9fe0c99579435837af385fcd34d
- SHA512
  
  01b492ee3e4009030f0e858e2d2bb5194407685eedbfb8ee090cea392f9c5f6b76667dda46748214c577205028f9ce9ad97b6312c6c37dc6e4652e6e7656a909
Score

10^/10

vidar spyware stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidarspywarestealer

© 2018-2024

Terms | Privacy