Overview

overview

10

Static

static

bc4d1e8e09...03.exe

windows7_x64

10

bc4d1e8e09...03.exe

windows10-2004_x64

10

Resubmissions

22-04-2022 11:52

220422-n1tcqscad7 10

19-04-2022 14:05

220419-rdt8asfbg5 7

Analysis

  • max time kernel
    41s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    22-04-2022 11:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bc4d1e8e09905b7dd1d4b14ae7ba3b100e1baa7aeb567e225107d4439da03403.exe

  • Size

    635KB

  • MD5

    ebfb5ded5dc595e22ee02b08597b93eb

  • SHA1

    8c33736b8b3dc750027ef49b1059d5d3a231182a

  • SHA256

    bc4d1e8e09905b7dd1d4b14ae7ba3b100e1baa7aeb567e225107d4439da03403

  • SHA512

    e74d3f71ece40008cdcb7bcdfc6547ca406e4fb3fd3048177648d0ae906ad11223412963ee6b2b3ebe70a14006bc4ddb9d387b129a4f27fd34c4e8a9f5afdead

Score
10/10
vidar977stealer

Malware Config

Extracted

Family

vidar

Version

51.7

Botnet

977

C2

https://t.me/hi20220412

https://noc.social/@samal6
Attributes
  • profile_id

    977

Signatures

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

    stealervidar
  • Vidar Stealer 2 IoCs
    stealer

Processes

  • C:\Users\Admin\AppData\Local\Temp\bc4d1e8e09905b7dd1d4b14ae7ba3b100e1baa7aeb567e225107d4439da03403.exe
    "C:\Users\Admin\AppData\Local\Temp\bc4d1e8e09905b7dd1d4b14ae7ba3b100e1baa7aeb567e225107d4439da03403.exe"
    1⤵
      PID:1580

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1580-54-0x0000000000628000-0x0000000000695000-memory.dmp
      Filesize

      436KB

      Download
    • memory/1580-55-0x0000000075E51000-0x0000000075E53000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1580-56-0x0000000000628000-0x0000000000695000-memory.dmp
      Filesize

      436KB

      Download
    • memory/1580-57-0x00000000004D0000-0x000000000057F000-memory.dmp
      Filesize

      700KB

      Download
    • memory/1580-58-0x0000000000400000-0x00000000004C7000-memory.dmp
      Filesize

      796KB

      Download