Extracted

• • Target

    file.exe

  • Size

    408KB

  • MD5

    37ec6ac7a655216941a30dc46fe1b189

  • SHA1

    cf6637aabee2fd26a76e30db0a289201305372fb

  • SHA256

    677862ec62130345467fc6472bfbeff124fd2716897db3f8549c29f016ef13cd

  • SHA512

    ec33b2631e538d29bf35612e247ec61baf56c5202df6728b4e10b03ae6c9438ceafc698474b289b102ff3a6607d6399af24ed7daee4debd38062d48c22ac4edc

  • SSDEEP

    12288:nLYJvfeQmGFFxAKKWKuQLTRURHjZl3EBoYruJ3StafO:L5I5KW5pPW/n

  Score

  10^/10

  discoveryvidarbb7310eab4245006f125c442da2d1e50credential_accessspywarestealer

  • Detect Vidar Stealer

    stealer

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2