General
-
Target
d230527fd5741c55816e0674ca2e72d096551bb22c365d0e4b66b234aa3ea8b0
-
Size
327KB
-
Sample
231015-grl4qsdc2t
-
MD5
a84a121b7931cdd451e810b213930776
-
SHA1
7891a1d575dc1ae04ba5129bdabc2eb2d6580683
-
SHA256
d230527fd5741c55816e0674ca2e72d096551bb22c365d0e4b66b234aa3ea8b0
-
SHA512
844f3330d41caf26d1e3a5d2491832d89a021cd2a1d3b1053f735acc2c368782066232ef4a609042e4fb88dc615f6ece8def5d57c954dab8458558cd2dfce697
-
SSDEEP
6144:yDSm0ffsgo4CUsazaDWyqmkw4N3oFQLWN8oVyQM:sS9nsgYDa2O2AWN8orM
Malware Config
Extracted
vidar
6
5a1fadccb27cfce506dba962fc85426d
https://steamcommunity.com/profiles/76561199560322242
https://t.me/cahalgo
-
profile_id_v2
5a1fadccb27cfce506dba962fc85426d
-
user_agent
Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 uacq
Targets
-
-
Target
d230527fd5741c55816e0674ca2e72d096551bb22c365d0e4b66b234aa3ea8b0
-
Size
327KB
-
MD5
a84a121b7931cdd451e810b213930776
-
SHA1
7891a1d575dc1ae04ba5129bdabc2eb2d6580683
-
SHA256
d230527fd5741c55816e0674ca2e72d096551bb22c365d0e4b66b234aa3ea8b0
-
SHA512
844f3330d41caf26d1e3a5d2491832d89a021cd2a1d3b1053f735acc2c368782066232ef4a609042e4fb88dc615f6ece8def5d57c954dab8458558cd2dfce697
-
SSDEEP
6144:yDSm0ffsgo4CUsazaDWyqmkw4N3oFQLWN8oVyQM:sS9nsgYDa2O2AWN8orM
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-