General
-
Target
1f6a5ac3dec3a05afee3882030374e9842e8ac52d1bf65afae656af5d4674a8c
-
Size
434KB
-
Sample
230103-qe6gaabe25
-
MD5
ca334213065dce4115d8bf65159b8704
-
SHA1
0f0fafbe20099778a15ee1660f169cf1b812dd1a
-
SHA256
1f6a5ac3dec3a05afee3882030374e9842e8ac52d1bf65afae656af5d4674a8c
-
SHA512
60b6063048ece4eded25f9f414591fe8822172f734806c055de26778cab97241b6e52fc221f839dac196193778bb3f09c0a24e216404f863fb22ac8a9720b688
-
SSDEEP
6144:j8LcALaQvwXz/2v4W0U6sKpyqkBxj+jvcZgRTaeXgJBT4qjAWTM4xVvkHb+ew:j8dLhr3KMqYsUZ/XBMqXTMENi+
Malware Config
Extracted
vidar
1.8
24
https://t.me/year2023start
https://steamcommunity.com/profiles/76561199467421923
-
profile_id
24
Targets
-
-
Target
1f6a5ac3dec3a05afee3882030374e9842e8ac52d1bf65afae656af5d4674a8c
-
Size
434KB
-
MD5
ca334213065dce4115d8bf65159b8704
-
SHA1
0f0fafbe20099778a15ee1660f169cf1b812dd1a
-
SHA256
1f6a5ac3dec3a05afee3882030374e9842e8ac52d1bf65afae656af5d4674a8c
-
SHA512
60b6063048ece4eded25f9f414591fe8822172f734806c055de26778cab97241b6e52fc221f839dac196193778bb3f09c0a24e216404f863fb22ac8a9720b688
-
SSDEEP
6144:j8LcALaQvwXz/2v4W0U6sKpyqkBxj+jvcZgRTaeXgJBT4qjAWTM4xVvkHb+ew:j8dLhr3KMqYsUZ/XBMqXTMENi+
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-