Behavioral task: behavioral1
Sample: 2200-248-0x0000000000400000-0x0000000002CBF000-memory.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 2200-248-0x0000000000400000-0x0000000002CBF000-memory.exe
Resource: win10v2004-20220812-en
General
Target: 2200-248-0x0000000000400000-0x0000000002CBF000-memory.dmp
Size: 6.0MB
MD5: 5183716cf99627396cbaa52b0f554f4d
SHA1: dfff710c91a946be3db663a23a929cfaceb09f37
SHA256: 2c89f402a3a38b9dd6902993e3680e91afed56a6527a516c6b6732652f77b693
SHA512: 1f6d22222d82976a2b7e7ad3bbf82a9aa90d5011713414ae91348533a5e5f2e8ad34235d6e39a20a94960bb41402a1723e2c2d3707b275343085a47a9a6e1469
SSDEEP: 24576:XPvANi9bQzJ79uvqLEjnJkVeSUmXFLDo:OcbQzJ797wjJAeSRfo
Malware Config
Extracted
vidar
39.9
937
https://prophefliloc.tumblr.com/
profile_id: 937
Signatures
Files
2200-248-0x0000000000400000-0x0000000002CBF000-memory.dmp.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 517KB - Virtual size: 517KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 94KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE