General
-
Target
62008cde2268e27c5c9d45eb6e397a12
-
Size
688KB
-
Sample
231222-ev7thachdl
-
MD5
62008cde2268e27c5c9d45eb6e397a12
-
SHA1
e8b758d017a6279e69a7144864240d9ad98084ca
-
SHA256
fcb998109eb2644a38d46b2a8f69c169a71f37e01be9c0608ff178dbbd28cbcf
-
SHA512
5ac131a82eda6e6151b390b5aa48b8a79a044547d02703618b6e70a7a77e901991dc2b2bbdb28d16477debda84b5ab8799b773d8f31bf9785661f38b7c203e72
-
SSDEEP
12288:T3iQLGj/jqRxrBCNz1B81w6S8+9sCRRdDOrTantVrC7pxBEyWIpFn4NFC:VLGvqKz1B8/L+RDdDWTaQ7px+y4NI
Malware Config
Extracted
vidar
40.5
706
https://gheorghip.tumblr.com/
-
profile_id
706
Targets
-
-
Target
62008cde2268e27c5c9d45eb6e397a12
-
Size
688KB
-
MD5
62008cde2268e27c5c9d45eb6e397a12
-
SHA1
e8b758d017a6279e69a7144864240d9ad98084ca
-
SHA256
fcb998109eb2644a38d46b2a8f69c169a71f37e01be9c0608ff178dbbd28cbcf
-
SHA512
5ac131a82eda6e6151b390b5aa48b8a79a044547d02703618b6e70a7a77e901991dc2b2bbdb28d16477debda84b5ab8799b773d8f31bf9785661f38b7c203e72
-
SSDEEP
12288:T3iQLGj/jqRxrBCNz1B81w6S8+9sCRRdDOrTantVrC7pxBEyWIpFn4NFC:VLGvqKz1B8/L+RDdDWTaQ7px+y4NI
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Vidar Stealer
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-