Extracted

• • Target

    ab15ed3fb089ef3562d68a210b3529cf.exe

  • Size

    968KB

  • MD5

    ab15ed3fb089ef3562d68a210b3529cf

  • SHA1

    949a7af9cc19ce5c5faae300ec656ace1d87b8ed

  • SHA256

    9f12acce686f5362f7c9c79462f5e938bf56f2c822258451ff14f7b28fdfd3d6

  • SHA512

    d672795b5bc58f76bd4343a61eab91352217469925567e9cf848c86b65c9fe026980b0cef756a2b814ac6923c22565b0c288ab7b10655a65c48d7ddbaef8c24d

  • SSDEEP

    12288:/Ci8Pn4cxVHyNVQ6EjWFSy7j0qITE78+CrZ9UbXqOl4kr/IwTKwRKqvz3Mj2qj9B:/58PHxwqWZ7j09Z9UbqOl5/NKwfvz38

  Score

  10^/10

  vidardiscoverystealer

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Vidar family

    vidar

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Enumerates processes with tasklist

    discovery
  behavioral1behavioral2