Vidar Malware Analysis


Vidar is one of the top 10 stealer malware families currently in operation. It is very thorough and gets the job done in terms of stealing personal and sensitive information present on a system.

In this YouTube video of Vidar Stealer malware analysis, I walk through the unpacking of the malware, followed by an analysis of how the stealer works.

Sample analysed (SHA-256): 5cd0759c1e566b6e74ef3f29a49a34a08ded2dc44408fccd41b5a9845573a34c

During the analysis I encountered encrypted strings and APIs which are resolved dynamically by the malware. In order to recover the decoded strings and APIs, I created IDAPython scripts, which are posted on my GitHub.