vidar | 390d7472201e8ea9bdc6c7fa2b4ab1f6faca02071f1f997037cc5f52759a9cb6

Submit
Reports

Overview

overview

Static

static

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

Resubmissions

12-11-2021 18:04

211112-wnzb8aahhm 10

19-11-2020 10:08

201119-rhwlt38jrx 10

18-11-2020 17:26

201118-htd4fq29va 10

Analysis

max time kernel
313s
max time network
379s
platform
windows10_x64
resource
win10v20201028
submitted
19-11-2020 10:08

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx

Behavioral task

behavioral1

Sample

1.bin/1.exe

Resource

win10v20201028

agenttesla danabot dharma formbook gozi_rm3 qakbot 86920224 spx129 1590734339 agilenet banker botnet coreentity cryptone evasion keylogger packer persistence ransomware rat rezer0 spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2019-09-02_22-41-10.exe

Resource

win10v20201028

smokeloader backdoor trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

31.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

3DMark 11 Advanced Edition.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

5da0116af495e6d8af7241da9b8281d918b9ff9a98a3deab4cca1aec1e456c18.exe

Resource

win10v20201028

discovery persistence ransomware upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

Archive.zip__ccacaxs2tbz2t6ob3e.exe

Resource

win10v20201028

discovery persistence spyware stealer

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

CVE-2018-15982_PoC.swf

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

CVWSHSetup[1].bin/WSHSetup[1].exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

DiskInternals_Uneraser_v5_keygen.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

ForceOp 2.8.7 - By RaiSence.exe

Resource

win10v20201028

dcrat infostealer rat

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral11

Sample

HYDRA.exe

Resource

win10v20201028

smokeloader backdoor persistence trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral12

Sample

Keygen.exe

Resource

win10v20201028

asyncrat azorult modiloader oski raccoon remcos 5e4db353b88c002ba6466c06437973619aad03b3 discovery evasion infostealer persistence rat spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral13

Sample

Lonelyscreen.1.2.9.keygen.by.Paradox/Lonelyscreen.1.2.9.keygen.by.Paradox.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral14

Sample

LtHv0O2KZDK4M637.exe

Resource

win10v20201028

azorult rms xmrig aspackv2 discovery evasion infostealer miner persistence rat spyware stealer trojan upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral15

Sample

Magic_File_v3_keygen_by_KeygenNinja.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral16

Sample

OnlineInstaller.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral17

Sample

Remouse.Micro.Micro.v3.5.3.serial.maker.by.aaocg.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral18

Sample

SecurityTaskManager_Setup.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral19

Sample

Treasure.Vault.3D.Screensaver.keygen.by.Paradox.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral20

Sample

VyprVPN.exe

Resource

win10v20201028

persistence spyware stealer

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral21

Sample

WSHSetup[1].exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral22

Sample

___ _ _____ __ ___/전산 및 비전산자료 보존 요청서/전산 및 비전산자료 보존 요.exe

Resource

win10v20201028

vidar stealer

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral23

Sample

___ _ _____ __ ___/전산 및 비전산자료 보존 요청서/전산 및 비전산자료 보존 요.exe

Resource

win10v20201028

makop persistence ransomware spyware stealer

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral24

Sample

amtemu.v0.9.2.win-painter_edited.exe

Resource

win10v20201028

asyncrat azorult betabot modiloader oski raccoon remcos 5e4db353b88c002ba6466c06437973619aad03b3 backdoor botnet discovery evasion infostealer persistence rat spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral25

Sample

api.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral26

Sample

default.exe

Resource

win10v20201028

buran persistence ransomware

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral27

Sample

efd97b1038e063779fb32a3ab35adc481679a5c6c8e3f4f69c44987ff08b6ea4.js

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral28

Sample

good.exe

Resource

win10v20201028

phorphiex evasion loader persistence trojan upx worm

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral29

Sample

infected dot net installer.exe

Resource

win10v20201028

persistence

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral30

Sample

oof.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral31

Sample

ou55sg33s_1.exe

Resource

win10v20201028

asyncrat azorult betabot modiloader oski raccoon remcos 5e4db353b88c002ba6466c06437973619aad03b3 backdoor botnet discovery evasion infostealer persistence rat spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral32

Sample

update.exe

Resource

win10v20201028

azorult redline rms xmrig aspackv2 discovery evasion infostealer miner persistence rat spyware stealer trojan upx

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

___ _ _____ __ ___/전산 및 비전산자료 보존 요청서/전산 및 비전산자료 보존 요.exe

Score

10^/10

vidar stealer

Malware Config

Signatures

Vidar
Vidar is an infostealer based on Arkei stealer.
stealer vidar

Suspicious behavior: EnumeratesProcesses 6 IoCs

Processes:

전산 및 비전산자료 보존 요.exe

pid	process
1176	전산 및 비전산자료 보존 요.exe
1176	전산 및 비전산자료 보존 요.exe
1176	전산 및 비전산자료 보존 요.exe
1176	전산 및 비전산자료 보존 요.exe
1176	전산 및 비전산자료 보존 요.exe
1176	전산 및 비전산자료 보존 요.exe

Processes

C:\Users\Admin\AppData\Local\Temp\___ _ _____ __ ___\전산 및 비전산자료 보존 요청서\전산 및 비전산자료 보존 요.exe
"C:\Users\Admin\AppData\Local\Temp\___ _ _____ __ ___\전산 및 비전산자료 보존 요청서\전산 및 비전산자료 보존 요.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1176

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1176-0-0x0000000000B19000-0x0000000000B1A000-memory.dmp

Filesize
4KB

Download
memory/1176-1-0x00000000026A0000-0x00000000026A1000-memory.dmp

Filesize
4KB

Download