vidar | 45346004197c32fc53430c3422317f3e3d293db57a3e22a5716d836bc6d9fb93 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

45346004197c32fc53430c3422317f3e3d293db57a3e22a5716d836bc6d9fb93
Size

1.5MB
Sample

210926-yr2ymafcaj
MD5

8c097b6781391d5d63f53788e40761ac
SHA1

f9cab730cf75b12a1b73a019bbf2816e3733fa46
SHA256

45346004197c32fc53430c3422317f3e3d293db57a3e22a5716d836bc6d9fb93
SHA512

1c73932a326ce8a54407fcaa59305f4dd9e0d46b6c7b131d2ab077e1aa74ef6c46998c3a1d373060c2f18f052d615f7b5e657d38e8939647b6787aa92bc24a84

Score

10^/10

vidar spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

45346004197c32fc53430c3422317f3e3d293db57a3e22a5716d836bc6d9fb93.exe

Resource

win10-en-20210920

vidar spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  45346004197c32fc53430c3422317f3e3d293db57a3e22a5716d836bc6d9fb93
- Size
  
  1.5MB
- MD5
  
  8c097b6781391d5d63f53788e40761ac
- SHA1
  
  f9cab730cf75b12a1b73a019bbf2816e3733fa46
- SHA256
  
  45346004197c32fc53430c3422317f3e3d293db57a3e22a5716d836bc6d9fb93
- SHA512
  
  1c73932a326ce8a54407fcaa59305f4dd9e0d46b6c7b131d2ab077e1aa74ef6c46998c3a1d373060c2f18f052d615f7b5e657d38e8939647b6787aa92bc24a84
Score

10^/10

vidar spyware stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vidarspywarestealer

© 2018-2024

Terms | Privacy