Extracted

• • Target

    file.exe

  • Size

    422KB

  • MD5

    9d7d6e8aa69bfbfaa97836e3ad221e10

  • SHA1

    b195022878f73153d31a9ed2d7891c0ef37f21cf

  • SHA256

    5b61d5b183c6015628a4870b5522a1989019c624d2c31838f4c752e2884d98d4

  • SHA512

    c3a51a1aee34b9babab1eb300924f9834c9a438f2f9acb2b997c97c7040fdaf09a24221da9d6b20ccefbad69f6a7712740ca2cb8e5d07fe94da892f1f2065e9d

  • SSDEEP

    6144:h1NvPj5H1z8Mm1Oda3uZv78cc8ecVeGXcFCYzz3fx8OEN5w8ZHoP3Zi50tpxFzW:hLVH1z8MmgdfpvV6xzz3jEN5T23Zi4

  Score

  10^/10

  vidar560stealerdiscoveryspyware

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses 2FA software files, possible credential harvesting

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2