vidar | ca1d811e8412b7c6e4631b566f3b118cd28d228363a403f5ea0ae56a8b28f2a9 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

ca1d811e8412b7c6e4631b566f3b118cd28d228363a403f5ea0ae56a8b28f2a9
Size

1.5MB
Sample

210926-xgtntsfcc4
MD5

07efbc9950df1cf8579e617e23422e72
SHA1

93dac50fea65c911496921328df873e4a86b2e8b
SHA256

ca1d811e8412b7c6e4631b566f3b118cd28d228363a403f5ea0ae56a8b28f2a9
SHA512

33a3a5316a5d4cd4684a31528cd7d05341b66eddf03b602c39cb51050bdd506729d1289c5f9b72bdadaf020f35d73aa173fa8f83fef2bfa967927713d2a133af

Score

10^/10

vidar spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

ca1d811e8412b7c6e4631b566f3b118cd28d228363a403f5ea0ae56a8b28f2a9.exe

Resource

win10-en-20210920

vidar spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ca1d811e8412b7c6e4631b566f3b118cd28d228363a403f5ea0ae56a8b28f2a9
- Size
  
  1.5MB
- MD5
  
  07efbc9950df1cf8579e617e23422e72
- SHA1
  
  93dac50fea65c911496921328df873e4a86b2e8b
- SHA256
  
  ca1d811e8412b7c6e4631b566f3b118cd28d228363a403f5ea0ae56a8b28f2a9
- SHA512
  
  33a3a5316a5d4cd4684a31528cd7d05341b66eddf03b602c39cb51050bdd506729d1289c5f9b72bdadaf020f35d73aa173fa8f83fef2bfa967927713d2a133af
Score

10^/10

vidar spyware stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vidarspywarestealer

© 2018-2024

Terms | Privacy