Extracted

• • Target

    6a75883103f5db0ce538c52fb1be6388be2729962cbd4dadd782794560b59d33

  • Size

    580KB

  • MD5

    9f5b0497057b3d00dfdbde5e71ab66d1

  • SHA1

    18c835643ae200aaf9b34f814164b46ea18e2c76

  • SHA256

    6a75883103f5db0ce538c52fb1be6388be2729962cbd4dadd782794560b59d33

  • SHA512

    0895874109604b0f67d60c88c764a95049222fdc1b6ddab0fc9355a4603560b1cbaefaa4613731ce58d86abed716ac74f348be790de83b714dcb8a03dbba81d5

  • SSDEEP

    12288:KK/vg3InPBzCvCUNWAXqeVw68Qeoc2dgfjteVD6h/zOBV4vowrKw:KKg3IP8vvNrXqeVL892d/XVbGp

  Score

  10^/10

  vidarcredential_accessdiscoveryspywarestealer

  • Detect Vidar Stealer

    stealer

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2