VERY IMPORTANT

Some strings linked to Arkei signature was deleted and a new one appeared with the string “Vidar”, there are also some other tweaks in the in-depth analysis that proves there are some differences (but small), but all the rest was totally identical to Arkei. The malware is written in C++, seems to have started activities at the beginning of October 2018 and have all the kind of classic features of stealers.