Vidar Stealer Evasion Arsenal


Vidar Stealer is not new to our world. It is known for stealing sensitive information such as banking details, IP addresses, saved passwords, browser history, login credentials, and, more recently, known crypto wallets. Being MaaS (Malware as a Service) allows it to be developed constantly. We spotted one of the new variant's hashes on RedBeard's Twitter page.

Our research on the sample we obtained suggests that it probably contains a code error. However, we were still able to detect several evasion techniques, which fall into two categories: anti-debugging and anti-emulation.

