Overview

overview

10

Static

static

55c13fa59c...a5.exe

windows7_x64

10

55c13fa59c...a5.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    169s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    15-02-2022 13:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    55c13fa59c8517e58164f51bb3b5cab7a28c88f82ba578df2f73795c9329b7a5.exe

  • Size

    721KB

  • MD5

    09f01e9e875c7a1d76bb0817a07f0cac

  • SHA1

    08760e083a332d50badc6bfc62a49deb5809e83d

  • SHA256

    55c13fa59c8517e58164f51bb3b5cab7a28c88f82ba578df2f73795c9329b7a5

  • SHA512

    4f53696dee4ded4ab71d7e3d4362b13b8508d4a79b2690782edfbd96b59053c2ead2b677bf9214b2ef489a1a3b96abbc9ec11fd447fd6d610b1cc71c5e6fee7f

Score
10/10
vidar937stealer

Malware Config

Extracted

Family

vidar

Version

48.7

Botnet

937

C2

https://mstdn.social/@anapa

https://mastodon.social/@mniami
Attributes
  • profile_id

    937

Signatures

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar
  • Vidar Stealer 2 IoCs
    stealer

Processes

  • C:\Users\Admin\AppData\Local\Temp\55c13fa59c8517e58164f51bb3b5cab7a28c88f82ba578df2f73795c9329b7a5.exe
    "C:\Users\Admin\AppData\Local\Temp\55c13fa59c8517e58164f51bb3b5cab7a28c88f82ba578df2f73795c9329b7a5.exe"
    1⤵
      PID:1684

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1684-54-0x0000000002C6B000-0x0000000002CE7000-memory.dmp
      Filesize

      496KB

      Download
    • memory/1684-55-0x0000000075761000-0x0000000075763000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1684-56-0x0000000002C6B000-0x0000000002CE7000-memory.dmp
      Filesize

      496KB

      Download
    • memory/1684-57-0x00000000002D0000-0x00000000003A5000-memory.dmp
      Filesize

      852KB

      Download
    • memory/1684-58-0x0000000000400000-0x00000000004D8000-memory.dmp
      Filesize

      864KB

      Download