Extracted

• • Target

    crypted.exe

  • Size

    1.2MB

  • MD5

    b12e6c33aaa13c1e79772ef9817c69f7

  • SHA1

    e8d7ad2964419f9324e37016e5d6e2763184ad62

  • SHA256

    37fe77ebb9e0a268328482308d6779b0f5f08e4553833c9ac2da10492a55e8b3

  • SHA512

    c24f6a289c36d57396b3287a9db981280eadf84be583359d0d01ab4ee4553b80365134dca62c89ad7575e07e3c039aa10f4a2d37d230e81660f46a287b8a95eb

  • SSDEEP

    12288:VGQn7ZDgpAW8VTOzIUfVX5CF/ED2Na1n+gaG7rOqKa5OxaOlt1HZEzoYBcOxzKO5:Z23rzD2NaVDgdfE8Ac7BFUNppZwrlUR

  Score

  10^/10

  vidar00cb84c6bd4caac4bdfc1131beae4df7credential_accessdiscoveryspywarestealer

  • Detect Vidar Stealer

    stealer

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar

  • Vidar family

    vidar

  • Uses browser remote debugging

    Can be used control the browser and steal sensitive information such as credentials and session cookies.

    credential_accessstealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2