General
-
Target
55027bfd29ab965318ee2f61174820e26798f5e766f65003faef3b81499f3620
-
Size
743KB
-
Sample
211011-13vpssadd5
-
MD5
82d25bc48a0b1ddf1bab738eb5d97a56
-
SHA1
dce419288faa1ab13949d4a3edaad77a444ad386
-
SHA256
55027bfd29ab965318ee2f61174820e26798f5e766f65003faef3b81499f3620
-
SHA512
02478af02cbae953000832b882919b1c8fe769a0d2d75cee44a9e753959a0a6ca48c9b2f4295c3cee00d1d82bf74f0244f5a5af68786f861e9cdc33af6b3477d
Malware Config
Extracted
vidar
41.3
1008
https://mas.to/@oleg98
-
profile_id
1008
Targets
-
-
Target
55027bfd29ab965318ee2f61174820e26798f5e766f65003faef3b81499f3620
-
Size
743KB
-
MD5
82d25bc48a0b1ddf1bab738eb5d97a56
-
SHA1
dce419288faa1ab13949d4a3edaad77a444ad386
-
SHA256
55027bfd29ab965318ee2f61174820e26798f5e766f65003faef3b81499f3620
-
SHA512
02478af02cbae953000832b882919b1c8fe769a0d2d75cee44a9e753959a0a6ca48c9b2f4295c3cee00d1d82bf74f0244f5a5af68786f861e9cdc33af6b3477d
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-