Extracted

• • Target

    220eb25ffc7f72d9782b5d35be3e4d1e162518b62860667645f446ce84b25047N

  • Size

    571KB

  • MD5

    52740943f5e35392063a1159f6311510

  • SHA1

    0534dceac8789af94697ebef684595a9d3eb1cfe

  • SHA256

    220eb25ffc7f72d9782b5d35be3e4d1e162518b62860667645f446ce84b25047

  • SHA512

    76dbb64d766f4f40e5294b63b47420bc7002a5e15cf91da8655318f76f4ba1611231baad3174c4aaa42d1948aaf75287ff3cd3dbea0493318ba3b1e91a94be7e

  • SSDEEP

    12288:EmY0xfgBSzcLFOJ/DzyDlI7FE2KfOSvHmQ3WkR4S:Egfga0cSvH13Wky

  Score

  10^/10

  vidarcredential_accessdiscoveryspywarestealer

  • Detect Vidar Stealer

    stealer

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2