Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Vidar | Vidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser. | No Attribution |
|
AV Detection |
---|
Source: |
Malware Configuration Extractor: |
Source: |
Virustotal: |
Perma Link |
Source: |
Integrated Neural Analysis Model: |
Source: |
Static PE information: |
Source: |
HTTPS traffic detected: |
||
Source: |
HTTPS traffic detected: |
Source: |
Static PE information: |
Source: |
Code function: |
0_2_00406301 | |
Source: |
Code function: |
0_2_00406CC7 | |
Source: |
Code function: |
10_2_00C5DC54 | |
Source: |
Code function: |
10_2_00C6A087 | |
Source: |
Code function: |
10_2_00C6A1E2 | |
Source: |
Code function: |
10_2_00C5E472 | |
Source: |
Code function: |
10_2_00C6A570 | |
Source: |
Code function: |
10_2_00C666DC | |
Source: |
Code function: |
10_2_00C2C622 | |
Source: |
Code function: |
10_2_00C673D4 | |
Source: |
Code function: |
10_2_00C67333 | |
Source: |
Code function: |
10_2_00C5D921 |
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior | ||
Source: |
File opened: |
Jump to behavior |
Source: |
Memory has grown: |
Networking |
---|
Source: |
Suricata IDS: |
||
Source: |
Suricata IDS: |
||
Source: |
Suricata IDS: |
||
Source: |
Suricata IDS: |
Source: |
URLs: |
Source: |
HTTP traffic detected: |
Source: |
IP Address: |
||
Source: |
IP Address: |
||
Source: |
IP Address: |
Source: |
ASN Name: |
Source: |
JA3 fingerprint: |
Source: |
TCP traffic detected without corresponding DNS query: |
||
Source: |
TCP traffic detected without corresponding DNS query: |
||
Source: |
TCP traffic detected without corresponding DNS query: |
||
Source: |
TCP traffic detected without corresponding DNS query: |
||
Source: |
TCP traffic detected without corresponding DNS query: |
||
Source: |
TCP traffic detected without corresponding DNS query: |
||
Source: |
TCP traffic detected without corresponding DNS query: |
||
Source: |
UDP traffic detected without corresponding DNS query: |
||
Source: |
UDP traffic detected without corresponding DNS query: |
||
Source: |
UDP traffic detected without corresponding DNS query: |
||
Source: |
UDP traffic detected without corresponding DNS query: |
||
Source: |
UDP traffic detected without corresponding DNS query: |
Source: |
Code function: |
10_2_00C6D889 |
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
||
Source: |
HTTP traffic detected: |
Source: |
String found in binary or memory: |
||
Source: |
String found in binary or memory: |
||
Source: |
String found in binary or memory: |