Analysis
max time kernel: 131s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-en-20220113
submitted: 13-03-2022 01:19
Static task
static1
Behavioral task
behavioral1
Sample
00d6f31d90383a9476740df502edfc98b5487307b171f3b5ea3aa2f24770a653.exe
Resource
win7-20220311-en
windows7_x64
0 signatures
0 seconds
General
Target: 00d6f31d90383a9476740df502edfc98b5487307b171f3b5ea3aa2f24770a653.exe
Size: 612KB
MD5: 73436d25c84169541b65e0918915e9b1
SHA1: 172ff84dcf78e107491b41571633706f2769fc89
SHA256: 00d6f31d90383a9476740df502edfc98b5487307b171f3b5ea3aa2f24770a653
SHA512: 1cdada9ebc78d35c9a3abd46c822ba99a069388130c3d9e120d87d757991bc6b23222a920e5bb7695190bbed2a7c3855b71b4f7b21aaf7a3101a30c46433adcb
Malware Config
Extracted
Family: vidar
Version: 50.4
Botnet: 565
C2:
https://mastodon.online/@samsa11
https://koyu.space/@samsa2l
Attributes
profile_id: 565
Signatures
Vidar Stealer 2 IoCs
Processes:
resource    yara_rule
behavioral2/memory/3796-134-0x0000000002370000-0x000000000241C000-memory.dmp    family_vidar
behavioral2/memory/3796-135-0x0000000000400000-0x00000000006B2000-memory.dmp    family_vidar