General
-
Target
66e110a867a02fa7539fb5fd9cee440c7e48562aaf1c03f8ec46c90029aee146
-
Size
619KB
-
Sample
211217-jpblbsdcg5
-
MD5
06eca0ffee34f6bc88423d4a75b8fd4d
-
SHA1
8eea07c7c71dfde9a1d7e75c8dc273052b8253dd
-
SHA256
66e110a867a02fa7539fb5fd9cee440c7e48562aaf1c03f8ec46c90029aee146
-
SHA512
334b8011ad3ebee0943f478de3af73bf39c95a81f9a4443735b701fb5f8c67320a113b6e1377e86ae3cd521677dc7035be93a33ca0a2c96c13cf46e42a345710
Malware Config
Extracted
vidar
49.1
903
https://noc.social/@sergeev46
https://c.im/@sergeev47
-
profile_id
903
Targets
-
-
Target
66e110a867a02fa7539fb5fd9cee440c7e48562aaf1c03f8ec46c90029aee146
-
Size
619KB
-
MD5
06eca0ffee34f6bc88423d4a75b8fd4d
-
SHA1
8eea07c7c71dfde9a1d7e75c8dc273052b8253dd
-
SHA256
66e110a867a02fa7539fb5fd9cee440c7e48562aaf1c03f8ec46c90029aee146
-
SHA512
334b8011ad3ebee0943f478de3af73bf39c95a81f9a4443735b701fb5f8c67320a113b6e1377e86ae3cd521677dc7035be93a33ca0a2c96c13cf46e42a345710
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Vidar Stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-