file[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220812-en

vidar 1679 discovery evasion spyware stealer trojan

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20220812-en

vidar 1679 discovery evasion spyware stealer trojan

windows10-2004-x64

18 signatures

150 seconds

General

Target

file.exe
Size

4.7MB
MD5

163c36b2ba92689c2f0e4b6a73996e2c
SHA1

79f649cb3a0721554295a85da03959fff93ccfdb
SHA256

df818a3a0dafe43806176237e29c1875c9de99928f87104fd7ee07b5f03f3d6c
SHA512

fd8f826676df371da130ade6f007241c4e7aeb27633266f2208b4c6e3c2d31bddf581dd51b7e651f560b214e069cd08149252c6aa76ba2992fdf3eb19bf6733f
SSDEEP

98304:F1Ozmu8Pr7BM/DCHwoLVo5cDmEPP/MXZWsX5o4RjO5P5VPSpBvnITwSi5gub:F1tfBcuHwoLe550P/ozoajO5PGpxywSO

Score

N/A

Malware Config

Signatures

Files

file.exe
.exe windows x86

721cd717f35c5e40e29b803b9bf6fba2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shell32

ShellExecuteA

crypt32

CryptStringToBinaryA

wtsapi32

WTSSendMessageW

user32

MessageBoxW

Sections

.MPRESS1
Size: 4.5MB - Virtual size: 7.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy