From f94e138b2706e978688682d831f000e37fa2d439 Mon Sep 17 00:00:00 2001
From: rmkml <rmkml@yahoo.fr>
Date: Fri, 12 Apr 2019 23:31:30 +0200
Subject: [PATCH] Add Vidar Stealer

---
 clusters/stealer.json | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/clusters/stealer.json b/clusters/stealer.json
index d262160..7511a0b 100644
--- a/clusters/stealer.json
+++ b/clusters/stealer.json
@@ -54,7 +54,18 @@
       },
       "uuid": "a646edab-5c6f-4a79-8a6c-153535259e16",
       "value": "AZORult"
+    },
+    {
+      "description": "Vidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.",
+      "meta": {
+        "date": "Dec 2018.",
+        "refs": [
+          "https://malpedia.caad.fkie.fraunhofer.de/details/win.vidar"
+        ]
+      },
+      "uuid": "a646edaa-4c6f-3a79-7a6c-143535259e15",
+      "value": "Vidar"
     }
   ],
-  "version": 4
+  "version": 5
 }