Extracted

• • Target

    b2866657421dc1115cb70555c84da220dececce78879b800a8ca79fddfba993c.exe

  • Size

    1.9MB

  • MD5

    4de25ac5b7602cb6b41bba4282e6a002

  • SHA1

    1cfe4a7735ee81515b0b44e9a901642a52c51c36

  • SHA256

    b2866657421dc1115cb70555c84da220dececce78879b800a8ca79fddfba993c

  • SHA512

    9e32994ae45dd656319948a5463af2a304400f2d87055f7ee8291e49bf73213dd8815ebf9edb4b2fd312ac6be887783f430c501133c1f446e44ccd945f214586

  • SSDEEP

    24576:uhzvY2ofNcTZCsrQx+oraoLXE4RxzUpXrvKlXbqsH/9mX34VbbEAPmF2CY43d/Fk:axofQ5rQx+orJD9UgbVfSO1m0UK

  Score

  10^/10

  discoveryvidarstealer

  • Detect Vidar Stealer

    stealer

  • Suspicious use of NtCreateUserProcessOtherParentProcess

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Vidar family

    vidar

  • Suspicious use of SetThreadContext

  behavioral1behavioral2