General

  • Target

    setups.exe

  • Size

    389.1MB

  • MD5

    c2e942fb09a439c3a2687e6b389c9251

  • SHA1

    d5e1230a1c965da0a907557258da95e27bc8ec00

  • SHA256

    8b277cc1f2ec679a58204383a4a88513878377f8cdee4a1e4a7edfb7e98527cc

  • SHA512

    708a44c6cd745fdc8be6ff9478c66ac98e19d167bd8caea7551843211d0d2dc3e5fab1833f386787103a16dc756820c7019a85397beab6aebe53b25574e7fcee

  • SSDEEP

    49152:Nmq0q3HQsPG0yyfyRA9XApRHNSgjIoQFSA:/z16Cqp7FqFSA

Malware Config

Extracted

  • Family

    vidar

  • Version

    53.1

  • Botnet

    1281

  • C2

    http://t.me/dvijkkkk

Attributes
  • profile_id

    1281

Signatures

  • Vidar Stealer 1 IoCs
  • Vidar family
  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

Files

  • setups.exe
    .exe windows x86

