file[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20221111-en

vidar 1679 discovery evasion spyware stealer trojan

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20221111-en

vidar 1679 evasion stealer trojan

windows10-2004-x64

6 signatures

150 seconds

General

Target

file.exe
Size

4.5MB
MD5

c610df9a9e6f7d21499db050d432f9f9
SHA1

669b0a9b1cba6ffacf5e975462767138624c88bb
SHA256

8864cd7cbc654d6a0abd75fe8152562f1a9837122bf829832fb4093be252b2e2
SHA512

3bffbde7a2acbbb3fc6caf2c159b11c0377b78e16f0e68db70e20632527c83c955d745b698ac2d6f888e9e10aed201261a7a17534a490e87a8a7b5426a9144a7
SSDEEP

98304:/B9kgT3HqFYzqbO0LO0hEOQbzc5fW1uTSITB4rc2UTBG5sq:5KgTedO09EOoufW414rY9G5L

Score

N/A

Malware Config

Signatures

Files

file.exe
.exe windows x86

407e3b5378b3b0b56c578f72b3227fa9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

ReleaseDC

gdi32

CreateDCA

Sections

.MPRESS1
Size: 4.3MB - Virtual size: 9.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy