General
-
Target
d5c55582392771d747e99d748d3060c99d329ff826da768c9c0a8b975b739bcb
-
Size
629KB
-
Sample
220215-ggbv1sbde6
-
MD5
c611ab25cb2f384c7349a90c3706c0a9
-
SHA1
3abeb6a762c580a485faff32f3e5d1b1af21bc4d
-
SHA256
d5c55582392771d747e99d748d3060c99d329ff826da768c9c0a8b975b739bcb
-
SHA512
d483c084e09f70fec9bf309f48692c7fbbcc48afc3f6989e41d3fb99e9ed0e7f5130585a5607dc308fac32fa92e2c09edb143611c6835e7aad560dd06e9f147d
Malware Config
Extracted
vidar
48.3
937
-
profile_id
937
Targets
-
-
Target
d5c55582392771d747e99d748d3060c99d329ff826da768c9c0a8b975b739bcb
-
Size
629KB
-
MD5
c611ab25cb2f384c7349a90c3706c0a9
-
SHA1
3abeb6a762c580a485faff32f3e5d1b1af21bc4d
-
SHA256
d5c55582392771d747e99d748d3060c99d329ff826da768c9c0a8b975b739bcb
-
SHA512
d483c084e09f70fec9bf309f48692c7fbbcc48afc3f6989e41d3fb99e9ed0e7f5130585a5607dc308fac32fa92e2c09edb143611c6835e7aad560dd06e9f147d
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Vidar Stealer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-