Extracted

• • Target

    2025-02-13_c063144d97874cb1e7edf5bdb84c3599_frostygoop_poet-rat_snatch

  • Size

    9.1MB

  • MD5

    c063144d97874cb1e7edf5bdb84c3599

  • SHA1

    f6acb702e7571633ad2c5bdd1e519d617eb34c3d

  • SHA256

    f19da3c90ad45036e225845169410e70c0e3cd9e9394b000f3bb1102badc6d7b

  • SHA512

    8577518ac1a4b2378dc1f9b4cea35ed7311f7f0e85e7c2d180bcc7b410e34949c926ff2258ed4b6ff2269d0d7e0729f7eb5f5d19f9c4bac08e63fa14d98e287b

  • SSDEEP

    98304:9NuLIwcNjoy/xlt6Nd7uOsb4d1C1Jn4n6rO3uHuJ1670a6G:XHhp6DuOsbgIQ6rO3uoG

  Score

  10^/10

  vidarcredential_accessdiscoveryspywarestealer

  • Detect Vidar Stealer

    stealer

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Vidar family

    vidar

  • Downloads MZ/PE file

  • Uses browser remote debugging

    Can be used control the browser and steal sensitive information such as credentials and session cookies.

    credential_accessstealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2