Behavioral task
behavioral1
Sample
1516-178-0x0000000000400000-0x0000000000636000-memory.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1516-178-0x0000000000400000-0x0000000000636000-memory.exe
Resource
win10v2004-20220414-en
General
Target
1516-178-0x0000000000400000-0x0000000000636000-memory.dmp
Size
2.2MB
MD5
540057382bceef52ab6cee31f8b477e1
SHA1
8da2d27736d3851e42b91f8e6c6326d711963dd5
SHA256
a3c9b508aba2462c5b4dce62bffaa3fec81053fe0f134562683dc6a085283f08
SHA512
9cb570e392fe9b5435d206e54f2e6499722260ab25433af3724535fccbddd1eac78e0fd4fce9bf9d4d162b95093ae6e3481391b24b496c8af763e0728cb0a46b
SSDEEP
24576:lP/k69a/bcq76tndALvBDXrBVuIOzRVk:2Ea/bcq7EOLZLrBS9Vk
Malware Config
Extracted
vidar
39.4
706
https://sergeevih43.tumblr.com/
profile_id
706
Signatures
Files
1516-178-0x0000000000400000-0x0000000000636000-memory.dmp.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 517KB - Virtual size: 517KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 94KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE