Rewterz Threat Alert – FormBook Malware – Active IOCs
August 14, 2021
Rewterz Threat Alert – AZORult Malware – Active IOCs
August 16, 2021
Severity
High
Analysis Summary
Vidar (detected as Spyware.Vidar) is an information stealer sold as a product: the operator configures which categories of data the stealer should collect from a victim. Beyond saved passwords and credit card numbers, Vidar targets a wide range of digital wallets, and it also captures system information, browser data and other credentials and exfiltrates them from the infected host. It is distributed through a variety of campaigns. First active in late 2018, Vidar is frequently observed as a precursor to ransomware deployment, with the data theft taking place before the follow-on payload is delivered.
Impact
- Data exfiltration
- Information theft
- Exposure of sensitive data
Indicators of Compromise
MD5
- 1130cbf154f02b2ea574c8e7c99c6424
- 22ff4cab9b222f7bcc57ac3c317b02f5
SHA-256
- e3be403909d1cee855913c0b6a5f40cd48baac3211588098ae53cc2579063448
- edf0c8016d4968b1784a0121e2dbaac68445f8a8280a0a590b44e31a15bf3355
SHA-1
- b2c1f276acff21f0e89f65a46f1ae6280e0004a6
- ea845f88acc2ac84ab79fab324e70d6e4d3a2277
URL
- https[:]//crackdev[.]com/windows-10-activator-full-product-key/
Remediation
- Block all threat indicators at your respective controls: the file hashes on endpoint protection/EDR and the URL and its domain at the web proxy and DNS filtering layer. The listed URL poses as a Windows 10 activator download; pirated-software "activators" are a common lure for stealers, so the broader site should be treated as untrusted.
- Search for the IOCs in your environment: file hashes on endpoints, and the domain and URL in proxy, DNS and EDR network telemetry.
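One way to carry out the two remediation steps above, as an added example that is not part of the Rewterz alert: the script below refangs the published URL, derives the domain for proxy/DNS log matching, and hashes a file tree against the listed MD5, SHA-1 and SHA-256 values. The indicator values are the ones listed above; the sample log lines are constructed for the demonstration.

```python
"""Hunt for the IOCs published in this alert.

Added example, not Rewterz tooling.  The hash and URL values below are copied
from the alert; the sample log lines are constructed here for the demo.
"""
import hashlib
import os
import re
import sys
from pathlib import Path
from typing import Dict, Iterable, List, Tuple
from urllib.parse import urlparse

# Indicators copied from the alert (URL kept defanged, as published).
IOC_HASHES: Dict[str, set] = {
    "md5": {
        "1130cbf154f02b2ea574c8e7c99c6424",
        "22ff4cab9b222f7bcc57ac3c317b02f5",
    },
    "sha1": {
        "b2c1f276acff21f0e89f65a46f1ae6280e0004a6",
        "ea845f88acc2ac84ab79fab324e70d6e4d3a2277",
    },
    "sha256": {
        "e3be403909d1cee855913c0b6a5f40cd48baac3211588098ae53cc2579063448",
        "edf0c8016d4968b1784a0121e2dbaac68445f8a8280a0a590b44e31a15bf3355",
    },
}
IOC_URLS_DEFANGED: List[str] = [
    "https[:]//crackdev[.]com/windows-10-activator-full-product-key/",
]


def refang(indicator: str) -> str:
    """Undo the usual defanging ([.] [:] hxxp) so values match real log data."""
    s = indicator.replace("[.]", ".").replace("[:]", ":")
    return re.sub(r"^hxxp", "http", s, flags=re.IGNORECASE)


def ioc_domains() -> List[str]:
    """Host names taken from the alert URLs, for DNS/proxy log matching."""
    return sorted({urlparse(refang(u)).hostname for u in IOC_URLS_DEFANGED})


def _new_digests():
    return {"md5": hashlib.md5(), "sha1": hashlib.sha1(), "sha256": hashlib.sha256()}


def hash_bytes(data: bytes) -> Dict[str, str]:
    """MD5/SHA-1/SHA-256 of an in-memory blob (same shape as hash_file)."""
    digests = _new_digests()
    for h in digests.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in digests.items()}


def hash_file(path: Path) -> Dict[str, str]:
    """Compute all three digests in a single pass over the file."""
    digests = _new_digests()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in digests.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in digests.items()}


def match_hashes(digests: Dict[str, str]) -> List[str]:
    """Return the algorithms under which the digests hit a listed indicator."""
    return [algo for algo, hexd in digests.items() if hexd.lower() in IOC_HASHES[algo]]


def scan_tree(root: Path) -> List[Tuple[Path, List[str]]]:
    """Walk root and report every file whose hash matches an indicator."""
    hits: List[Tuple[Path, List[str]]] = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            try:
                matched = match_hashes(hash_file(p))
            except OSError:
                continue  # locked or unreadable file: skip it, keep sweeping
            if matched:
                hits.append((p, matched))
    return hits


def scan_log_lines(lines: Iterable[str]) -> List[str]:
    """Lines mentioning an indicator host as a whole label: 'crackdev.com' and
    'www.crackdev.com' match, 'notcrackdev.com' does not."""
    patterns = [re.compile(r"(?<![\w-])" + re.escape(d) + r"(?![\w-])", re.I)
                for d in ioc_domains()]
    return [line for line in lines if any(p.search(line) for p in patterns)]


# Constructed proxy log lines for the demo (not taken from the alert).
SAMPLE_LOG = [
    "2021-08-16T10:02:11Z 10.0.4.17 GET https://crackdev.com/windows-10-activator-full-product-key/ 200",
    "2021-08-16T10:02:13Z 10.0.4.17 GET https://www.microsoft.com/ 200",
    "2021-08-16T10:05:40Z 10.0.4.22 CONNECT crackdev.com:443 200",
]

if __name__ == "__main__":
    root = Path(sys.argv[1]) if len(sys.argv) > 1 else Path(".")
    for path, algos in scan_tree(root):
        print(f"HASH MATCH {path} ({', '.join(algos)})")
    for line in scan_log_lines(SAMPLE_LOG):
        print("LOG MATCH", line)
```

Run it with the directory to sweep as the first argument (download folders and user temp paths are the usual places for a cracked-software lure). The domain match deliberately allows subdomains but not longer labels, and the file walk skips unreadable files rather than aborting, so a locked file cannot hide the rest of the sweep.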