Extracted

• • Target

    9f680720826812af34cbc66e27e0281f.exe

  • Size

    6.2MB

  • MD5

    9f680720826812af34cbc66e27e0281f

  • SHA1

    fb580afbf6fb913e83eea1fb99be9c95b6ec39d5

  • SHA256

    19198e75f7c830441360a42b06e10415f4368300a7590c119c237ea8c67bf23e

  • SHA512

    482fb7ca414b9070849017a9ec390597dd6fb1a18cb7e819b498b786dc1467dadd928d2f054baec880307274296f6b66a971deb63b14f0fc27f39094fcb2be8e

  • SSDEEP

    49152:QU4K1Qy8nPDdZiBSFfscuj9ADJZlShhV7+pXLRB5TYAUhJSh7DUtiGlMlHDNuc6X:QNbrnrShj9AVYhgB5IJsnUw918SvljW

  Score

  10^/10

  vidardiscoverystealercredential_access

  • Detect Vidar Stealer

    stealer

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Vidar family

    vidar

  • Downloads MZ/PE file

  • Uses browser remote debugging

    Can be used control the browser and steal sensitive information such as credentials and session cookies.

    credential_accessstealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2