General

  • Target

    992-66-0x0000000001320000-0x00000000021CD000-memory.dmp

  • Size

    14.7MB

  • Sample

    221021-ntcreaabfl

  • MD5

    78e2fc3b281eae9ef2329adbb3e77862

  • SHA1

    a60e6f665ada3b4bce2221f5b7518e7f115a85f2

  • SHA256

    4824fc74ea6433b4621b77c9820acc4f1b7322716272f5c3bcea239d758abc50

  • SHA512

    e40f3d701cec919407f895283614aaf063b4efa4fa0f66d74f77588692b65fe3c8a7923de11e2614ef94f7ce793fbe8a2a974618ddfca945851208da9cec3c92

  • SSDEEP

    196608:9tve6uLHKGi4VqGG9XFXDwrF/GZemwOwovCxIYigz2gV:9tvbIKGPVa9lD2kZemwOwovCxnigzRV

Malware Config

Extracted

Family

vidar

Version

55

Botnet

1679

C2

http://138.201.90.120:80

Attributes

  • profile_id

    1679

Targets

    • Target

      992-66-0x0000000001320000-0x00000000021CD000-memory.dmp

    Score
    10/10
    • Vidar

      Vidar is an infostealer based on Arkei stealer.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

MITRE ATT&CK Matrix

Tasks