vidar | 27899cff9d0fdc8cb90a367d62d00d0152498a46c5974564279deb09544da658 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

27899cff9d0fdc8cb90a367d62d00d0152498a46c5974564279deb09544da658
Size

1.5MB
Sample

210926-zabksafcck
MD5

f43f57e3d3303c16d464d1ada89318a0
SHA1

38505fe544322f23f57166286a594ad32d36ddd4
SHA256

27899cff9d0fdc8cb90a367d62d00d0152498a46c5974564279deb09544da658
SHA512

67ff6587d1ff8411f79126f44dc42c999fbca33c3a47f9452976b12dd0b40f2eb57f71ad7e4859904fa7e45e486da2f07c498d6ef7e6be0f7b3a3d644ebcb344

Score

10^/10

vidar spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

27899cff9d0fdc8cb90a367d62d00d0152498a46c5974564279deb09544da658.exe

Resource

win10v20210408

vidar spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  27899cff9d0fdc8cb90a367d62d00d0152498a46c5974564279deb09544da658
- Size
  
  1.5MB
- MD5
  
  f43f57e3d3303c16d464d1ada89318a0
- SHA1
  
  38505fe544322f23f57166286a594ad32d36ddd4
- SHA256
  
  27899cff9d0fdc8cb90a367d62d00d0152498a46c5974564279deb09544da658
- SHA512
  
  67ff6587d1ff8411f79126f44dc42c999fbca33c3a47f9452976b12dd0b40f2eb57f71ad7e4859904fa7e45e486da2f07c498d6ef7e6be0f7b3a3d644ebcb344
Score

10^/10

vidar spyware stealer
- Suspicious use of NtCreateProcessExOtherParentProcess
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar Stealer
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vidarspywarestealer

© 2018-2024

Terms | Privacy