General
-
Target
Vidar.exe
-
Size
1.2MB
-
Sample
241114-ns1f3syemd
-
MD5
2f79684349eb97b0e072d21a1b462243
-
SHA1
ed9b9eeafc5535802e498e78611f262055d736af
-
SHA256
9be494b1233a38c3d86ae075d3073ff4de88bc3064011554aa7c96d5ef068c04
-
SHA512
4d94ae4633f3bf489d1bc9613fc6028865064ec98f73b5e9e775f08ff55d246daeddce6a4a0a013a9d05e65edc726768c397d0382e5c35352144b5338d6467d3
-
SSDEEP
24576:9piXI12TyeC5m71MsNon4J0t1TBUV1E1HP9yjy3anIPXD:9pYaeC52KsNgFtxBUvWIaaKz
Static task
static1
Behavioral task
behavioral1
Sample
Vidar.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
Vidar.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vidar
11.4
7c37934964656ffad71319cfd3f70c69
https://t.me/asg7rd
https://steamcommunity.com/profiles/76561199794498376
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
Targets
-
-
Target
Vidar.exe
-
Detect Vidar Stealer
-
Vidar family
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Suspicious use of SetThreadContext
-