General

  • Target

    328-65-0x0000000001010000-0x0000000002016000-memory.dmp

  • Size

    16.0MB

  • Sample

    221018-z4jhgsdge6

  • MD5

    102bc2fdb9dcb35f9ff553d740b7c59c

  • SHA1

    8fd296ac98416bf3e141b2fe4184d974a86e9a71

  • SHA256

    cfd6cdee5026eb53f43200c784407964afd5123c597d1a9d44b0d824a83a04e7

  • SHA512

    a288183b61b9a6a82e9d032d482c7a8786cf9125810ddcc3320016c3291abeab1bf4692aeff5065f82255a5c1bdf24fd39f06255a17f3136613cf1029ac61526

  • SSDEEP

    196608:jtEBBuLHKGi4VqGG9XFXXb+dlCLo6m+Wup:jtEbIKGPVa9lswo6m+Wu

Malware Config

Extracted

Family

vidar

Version

55

Botnet

1679

C2

http://138.201.90.120:80

Attributes
  • profile_id

    1679
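The extracted configuration above is what a responder actually acts on: the C2 URL becomes a network indicator and the file hashes become host indicators. The script below is an added example, not part of this sandbox report or of any vendor tooling. It parses the "Extracted" block exactly as it is rendered on this page into a dictionary, splits the C2 URL into host and port, and emits a Suricata rule and a SHA-256 check. The Suricata SID (9000001), the rule message text, and all function names are the example's own choices; the config values and the SHA-256 are copied from the report above.

```python
"""Added example: turn the Vidar config extracted above into usable IOCs.

Not part of the original report. Assumptions (our own choices, not a
vendor format): the Suricata SID 9000001, the rule message wording and
the function names. Config values are copied from the page.
"""
import hashlib
from urllib.parse import urlparse

# Constructed input: the "Malware Config / Extracted" block as rendered above.
REPORT_TEXT = """Family

vidar

Version

55

Botnet

1679

C2

http://138.201.90.120:80

Attributes
  • profile_id

    1679
"""

# SHA-256 of the analysed memory dump, taken from the General section.
SAMPLE_SHA256 = "cfd6cdee5026eb53f43200c784407964afd5123c597d1a9d44b0d824a83a04e7"


def parse_extracted_config(text):
    """Parse the report's 'Key / blank line / value' layout into a dict.

    Bullet markers ('•') are stripped so attribute names under the
    'Attributes' heading are handled like top-level keys; the heading
    line itself carries no value and is skipped.
    """
    lines = [ln.strip().lstrip("• ").strip() for ln in text.splitlines()]
    lines = [ln for ln in lines if ln]  # drop the blank separator lines
    config = {}
    i = 0
    while i + 1 < len(lines):
        key = lines[i]
        if key == "Attributes":  # heading only; the next line is a key
            i += 1
            continue
        config[key.lower()] = lines[i + 1]
        i += 2
    return config


def c2_endpoint(url):
    """Split a C2 URL into (host, port), defaulting the port from the scheme."""
    parsed = urlparse(url)
    port = parsed.port or (443 if parsed.scheme == "https" else 80)
    return parsed.hostname, port


def suricata_rule(host, port, family, sid=9000001):
    """Build a Suricata rule for outbound HTTP to the C2 (SID is hypothetical)."""
    return (
        f"alert http $HOME_NET any -> {host} {port} "
        f'(msg:"{family} C2 beacon to {host}:{port}"; '
        f"flow:established,to_server; classtype:trojan-activity; "
        f"sid:{sid}; rev:1;)"
    )


def matches_sample(data, expected_sha256=SAMPLE_SHA256):
    """True if the given bytes hash to the dump's SHA-256 from the report."""
    return hashlib.sha256(data).hexdigest() == expected_sha256


if __name__ == "__main__":
    cfg = parse_extracted_config(REPORT_TEXT)
    host, port = c2_endpoint(cfg["c2"])
    print(cfg)
    print(suricata_rule(host, port, cfg["family"]))
```

The parser deliberately keys on the page's own layout (key line, blank line, value line) rather than on a fixed field list, so an extra attribute in a different report is picked up without code changes. Note that for this sample the `botnet` and `profile_id` values are identical (1679), which is what the report shows, not an assumption of the script.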

Targets

    • Target

      328-65-0x0000000001010000-0x0000000002016000-memory.dmp

    Score
    10/10
    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Themida packer

      Detects Themida, a commercial Windows software protection system used to obfuscate and pack executables. Because this target is a memory dump of the running process (the 0x01010000-0x02016000 region named above), the Vidar configuration was recovered from the unpacked in-memory image rather than from the protected file on disk.

MITRE ATT&CK Matrix

Tasks