Extracted

• • Target

    73d5eb6c6f22ecfcf0a7551bc7d518999091750b4a35207213a4358b604f3e1b

  • Size

    406KB

  • MD5

    ef2cc26de59c76033a99ed6fe7b39269

  • SHA1

    02214655b3e2ce4169120488a2126ca46d747cc7

  • SHA256

    73d5eb6c6f22ecfcf0a7551bc7d518999091750b4a35207213a4358b604f3e1b

  • SHA512

    dd06cc890b5cfa74f2f3bd6b4c253d372416d48ff7e3a7cfd420b10f36a6464e3054b40affb7b9a74d6d68c248ece8f481eec5bde5aea3ff1075055f05278c48

  • SSDEEP

    6144:00LsI/MThRJD9naqqg3Kwa1Ze6PtWLBid9oBzdWKQbJro:00QI/oh/9aq13qZBtWLoMbQro

  Score

  10^/10

  vidar494stealerdiscoveryspyware

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses 2FA software files, possible credential harvesting

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2