Extracted

• • Target

    2025-02-07_431b2a3c61cc267041f56b7fe9ddd42d_frostygoop_hijackloader_poet-rat_snatch

  • Size

    7.3MB

  • MD5

    431b2a3c61cc267041f56b7fe9ddd42d

  • SHA1

    a4db5dfe07b43db0f764db61a243f72e504da405

  • SHA256

    28b3e2861996ebc0fe11d6c4db2cdb51d0543de25522cd1348a1d92f56ec5b99

  • SHA512

    e712c6e50404d9300eca6c83c84906714a84deebb3930b4db876b7f3051ca0d69ab4e16b6eb40f2d8d591e4cbb12c09bc4609233f365363a53d9ff1ec8bbdd83

  • SSDEEP

    49152:Mu7j2db6v4MmTW+cs832y1O1GdM7Ugxu5gez60YQLoGzmytaO4jpvBFmIzs7O8Ac:Mu7jMZMmTWpr31dpz60hL39axZkpGGKs

  Score

  10^/10

  vidarcredential_accessdiscoveryspywarestealer

  • Detect Vidar Stealer

    stealer

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Vidar family

    vidar

  • Uses browser remote debugging

    Can be used control the browser and steal sensitive information such as credentials and session cookies.

    credential_accessstealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2