Vidar Malware Analysis

Vidar is one of the top 10 stealer malware families currently in operation. It is very thorough and gets the job done in terms of stealing personal and sensitive information present on a system.

In this YouTube video of Vidar Stealer malware analysis, I walk through the unpacking of the malware, followed by an analysis of how the stealer works.

Sample Analysed: 5cd0759c1e566b6e74ef3f29a49a34a08ded2dc44408fccd41b5a9845573a34c

During the analysis I encountered encrypted strings and APIs that are resolved dynamically by the malware. To recover the decoded strings and API names, I wrote IDAPython scripts, which are posted on my GitHub.
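As an added illustration of the analyst-side technique behind "dynamically resolved APIs" (this is example code, not the author's IDAPython scripts, and it does not describe Vidar's real scheme): a stealer that resolves imports by hash keeps only a numeric value per API at each call site, so the analyst precomputes that hash over every export name the sample could want and annotates each call site with the matching name. The hash routine below (a ROR-13 accumulate) is an assumption chosen for illustration; the export names and call-site addresses are constructed sample data. The `set_comment` callback is the seam where a disassembler API would plug in; everything else is plain Python so it runs offline.

```python
"""Annotate hash-resolved API call sites from an analyst-built lookup table.

Added example, not the author's scripts. The hash function is an assumed
placeholder (ROR-13 accumulate) standing in for whatever the sample uses.
"""
from typing import Callable, Dict, Iterable, List, Optional, Tuple

MASK32 = 0xFFFFFFFF


def ror32(value: int, count: int) -> int:
    """Rotate a 32-bit value right by `count` bits."""
    value &= MASK32
    count %= 32
    return ((value >> count) | (value << (32 - count))) & MASK32


def api_hash(name: str) -> int:
    """Assumed hash over an export name: h = ror32(h, 13) + byte, per byte."""
    h = 0
    for byte in name.encode("ascii"):
        h = (ror32(h, 13) + byte) & MASK32
    return h


def build_lookup(exports: Iterable[str]) -> Dict[int, str]:
    """Map hash -> export name for every candidate the resolver could pick.

    A collision raises instead of silently mislabelling a call site, which is
    the usual sign that the guessed hash routine is wrong.
    """
    table: Dict[int, str] = {}
    for name in exports:
        h = api_hash(name)
        if h in table and table[h] != name:
            raise ValueError(f"hash collision: {table[h]!r} vs {name!r}")
        table[h] = name
    return table


def annotate_callsites(
    callsites: Dict[int, int],
    table: Dict[int, str],
    set_comment: Optional[Callable[[int, str], None]] = None,
) -> List[Tuple[int, int, str]]:
    """Resolve each (address -> hash) pair to a name and optionally comment it.

    `set_comment` is the injection point for the disassembler; inside IDA 7+
    one would pass `lambda ea, c: idc.set_cmt(ea, c, 0)`. Hashes that match
    nothing are labelled "<unresolved>" so they stay visible for follow-up.
    """
    results: List[Tuple[int, int, str]] = []
    for ea, h in sorted(callsites.items()):
        name = table.get(h, "<unresolved>")
        if set_comment is not None:
            set_comment(ea, f"resolves {name} (hash 0x{h:08X})")
        results.append((ea, h, name))
    return results


# Constructed sample data: export names an analyst might load from a DLL's
# export table, and fake call-site addresses carrying the hashes found there.
SAMPLE_EXPORTS = [
    "CreateFileW", "ReadFile", "WriteFile", "CloseHandle",
    "VirtualAlloc", "LoadLibraryA", "GetProcAddress",
]
SAMPLE_CALLSITES = {
    0x00401010: api_hash("VirtualAlloc"),
    0x00401030: api_hash("ReadFile"),
    0x00401050: 0xDEADBEEF,  # constructed: a hash no sample export matches
}


def demo() -> List[Tuple[int, int, str]]:
    """Run the pipeline over the constructed data, printing each annotation."""
    table = build_lookup(SAMPLE_EXPORTS)
    return annotate_callsites(
        SAMPLE_CALLSITES, table,
        set_comment=lambda ea, c: print(f"{ea:08X}: {c}"),
    )


if __name__ == "__main__":
    demo()
```

Outside IDA the script just prints the resolved table; inside IDA the same `annotate_callsites` call with an `idc.set_cmt` callback writes the names next to the call sites, which is what turns a wall of opaque hash constants into readable stealer logic. The collision check in `build_lookup` matters in practice: when the assumed hash routine is wrong, two unrelated names colliding is often the first visible symptom.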