Extracted

• • Target

    8a371d33f7b7305f15ac97f331b13ee3.exe

  • Size

    1.0MB

  • MD5

    8a371d33f7b7305f15ac97f331b13ee3

  • SHA1

    957ed023f42215ec1034cd813d7047014d28b314

  • SHA256

    bd9f73e63ac57f56c23dda08edc1932fe8dfd33fde7e3d1a3014c881988eb1a7

  • SHA512

    95f08b4d40c5fced40b4f8a82823413639287912609c7aecac97e5a00bc07876bc059b5034516b70d8ad1f030d1f59d1e0fe28e974354ddbb6bbed2b76af547c

  • SSDEEP

    24576:26FQppKd9CO9bjajGmd9XIvG3L9hqo3qXdFk7dW:JFem0OwjbdYBo3q40

  Score

  10^/10

  vidardiscoverystealer

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Vidar family

    vidar

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Enumerates processes with tasklist

    discovery
  behavioral1behavioral2