Overview

overview

10

Static

static

1ddaf1428f...91.exe

windows7_x64

10

1ddaf1428f...91.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    149s
  • max time network
    167s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    12-02-2022 10:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1ddaf1428fbb50f5ca15d0bd22c778c3589161d51a77791f0aa645a8dd9e9191.exe

  • Size

    734KB

  • MD5

    3f5c3438e86329ed834cf51c85606c4d

  • SHA1

    10d9c1ce923238976037299149eceb06c31e90c4

  • SHA256

    1ddaf1428fbb50f5ca15d0bd22c778c3589161d51a77791f0aa645a8dd9e9191

  • SHA512

    72d0aaa941f46b8fc7ea8f8e75f70b4e41af7079dc13053600a0937ca695d59a9a7276df9f3080f9605456312fd485a869aad37692441628102a2899a2c8ebab

Score
10/10
vidar937stealer

Malware Config

Extracted

Family

vidar

Version

49.1

Botnet

937

C2

https://noc.social/@sergeev46

https://c.im/@sergeev47
Attributes
  • profile_id

    937

Signatures

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar
  • Vidar Stealer 2 IoCs
    stealer

Processes

  • C:\Users\Admin\AppData\Local\Temp\1ddaf1428fbb50f5ca15d0bd22c778c3589161d51a77791f0aa645a8dd9e9191.exe
    "C:\Users\Admin\AppData\Local\Temp\1ddaf1428fbb50f5ca15d0bd22c778c3589161d51a77791f0aa645a8dd9e9191.exe"
    1⤵
      PID:832

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/832-55-0x00000000006AB000-0x0000000000728000-memory.dmp
      Filesize

      500KB

      Download
    • memory/832-56-0x00000000763F1000-0x00000000763F3000-memory.dmp
      Filesize

      8KB

      Download
    • memory/832-57-0x00000000006AB000-0x0000000000728000-memory.dmp
      Filesize

      500KB

      Download
    • memory/832-58-0x0000000000540000-0x0000000000619000-memory.dmp
      Filesize

      868KB

      Download
    • memory/832-59-0x0000000000400000-0x00000000004DD000-memory.dmp
      Filesize

      884KB

      Download