Extracted

• • Target

    2025-02-24_6768e4499258c2b0de9500e3df9f1091_frostygoop_poet-rat_snatch

  • Size

    5.4MB

  • MD5

    6768e4499258c2b0de9500e3df9f1091

  • SHA1

    be85cdd2afc5ef803cbd27a3f9e5981728e9ac39

  • SHA256

    e226a8c19929e94761027accb16309d9a64589b9bf67778cc114ad75636790b3

  • SHA512

    a0f1fa5a14268e4cb977001121bf0f9691f9a1dc1210bfc08b077d36527b86c658fe897669ee58071f0d62178039fef690587f66256fbd060c3553fe2b6677de

  • SSDEEP

    49152:ecUeR/4tXOwssxLkn8lMZ6FkkUQDe16Scz5ROJTqLTaUgyQgSmJ1xjSlVR0oBIqY:ejm/OQsxI8lKk8GTaUgyQFKm

  Score

  10^/10

  vidarcredential_accessdiscoveryspywarestealer

  • Detect Vidar Stealer

    stealer

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Vidar family

    vidar

  • Uses browser remote debugging

    Can be used control the browser and steal sensitive information such as credentials and session cookies.

    credential_accessstealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2