General
-
Target
5d5e83e151a99bed97e13839e8881cb5.exe
-
Size
585KB
-
Sample
210927-tt9c9shdh3
-
MD5
5d5e83e151a99bed97e13839e8881cb5
-
SHA1
4f008fe578e0f32ed5dda8d30883a900630f1be4
-
SHA256
1a0f891e8d7d659d550b35c54f542180cd2629d3a62e35e695e43fd1f5dad0b3
-
SHA512
23705b79eac9d8725a1f366ba685664345d5dbca951d82b2fd554efde68d7fc038180e26329adaf43ac693b84c292ab12585237433c0c4e085c0f785cb43506b
Malware Config
Targets
-
-
Target
5d5e83e151a99bed97e13839e8881cb5.exe
-
Size
585KB
-
MD5
5d5e83e151a99bed97e13839e8881cb5
-
SHA1
4f008fe578e0f32ed5dda8d30883a900630f1be4
-
SHA256
1a0f891e8d7d659d550b35c54f542180cd2629d3a62e35e695e43fd1f5dad0b3
-
SHA512
23705b79eac9d8725a1f366ba685664345d5dbca951d82b2fd554efde68d7fc038180e26329adaf43ac693b84c292ab12585237433c0c4e085c0f785cb43506b
Score10/10-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
Vidar Stealer
-
Downloads MZ/PE file
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-