vidar | 790d8b4311f3a01516cb6ce8d5b1dffca283c552680871cf0dc996c08119e67d | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

790d8b4311f3a01516cb6ce8d5b1dffca283c552680871cf0dc996c08119e67d
Size

1.5MB
Sample

210926-x7vntafbgr
MD5

40d368fe0a33ce1ed11fbdd8a979ffd8
SHA1

80a896ab06622b084347e6010fd767f6dabf7b12
SHA256

790d8b4311f3a01516cb6ce8d5b1dffca283c552680871cf0dc996c08119e67d
SHA512

4c60d0dea6697e372daccd9d715e207bd89b8a5b84b4d11ac789393e26c04a90a9249d018203bfab6d1329715674f58be833b183ae961ed8f749e6f6b3571b20

Score

10^/10

vidar spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

790d8b4311f3a01516cb6ce8d5b1dffca283c552680871cf0dc996c08119e67d.exe

Resource

win10-en-20210920

vidar spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  790d8b4311f3a01516cb6ce8d5b1dffca283c552680871cf0dc996c08119e67d
- Size
  
  1.5MB
- MD5
  
  40d368fe0a33ce1ed11fbdd8a979ffd8
- SHA1
  
  80a896ab06622b084347e6010fd767f6dabf7b12
- SHA256
  
  790d8b4311f3a01516cb6ce8d5b1dffca283c552680871cf0dc996c08119e67d
- SHA512
  
  4c60d0dea6697e372daccd9d715e207bd89b8a5b84b4d11ac789393e26c04a90a9249d018203bfab6d1329715674f58be833b183ae961ed8f749e6f6b3571b20
Score

10^/10

vidar spyware stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vidarspywarestealer

© 2018-2024

Terms | Privacy