vidar | 4228-266-0x0000000001A30000-0x0000000001A8B000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

4228-266-0...ry.exe

windows7-x64

3

4228-266-0...ry.exe

windows10-2004-x64

3

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4228-266-0x0000000001A30000-0x0000000001A8B000-memory.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

4228-266-0x0000000001A30000-0x0000000001A8B000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

4228-266-0x0000000001A30000-0x0000000001A8B000-memory.dmp
Size

364KB
MD5

5be279cc476059625c039e598e32f200
SHA1

8e15b877d7e3478535f2f004e557f2441c229e4b
SHA256

5c215a22f0bde2e04aa078cc3bc8ba02961b5845cd83fec68f180f6af24560f2
SHA512

d69dd6aa0b4da9e430ddad9df4454201ddcd0bbc5ff68413258e0bd7083c6aa7c96ae7bf114fc118cb720d9249b2245da5f71ca3c1876cb566fc7fe4ed1169b4
SSDEEP

6144:I4uDAYY0nvBSrGI4Nv2QiLxZJ9aQyhxQR2ZLt4ve:zuVY0nvwrusZJ9aQyO2Z8

Score

10^/10

1148 vidar

Malware Config

Extracted

Family

vidar

Version

54.6

Botnet

1148

C2

https://t.me/huobiinside

https://mas.to/@kyriazhs1975

Attributes

profile_id
1148

Signatures

Vidar family
vidar

Files

4228-266-0x0000000001A30000-0x0000000001A8B000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy