General
-
Target
Premium_FiIe_1234_Xc5_Active.rar
-
Size
5.8MB
-
MD5
f2aeee4074f83e4568829a38f562920a
-
SHA1
bb604d8edf3a5d1797309e06cb227dbda1ce3e85
-
SHA256
f82cf1d06e116945ecc0c995dd10c9e76e62ecbb9d7f0964d212822498d7c032
-
SHA512
bc6182cc3beafa316f7f20646688232d581df121fbba2c5bd25a7ba12197cac6c8e78f4e39f8ba89228a930f889f5875af37d2a6d3bc4630e4085c5030b64a96
-
SSDEEP
98304:qVU4/8aASNHgrt3T2nkseEySzUyGjjicbAZD0ACpm/Dn1kLjPeeh:UTS3vGUyGVbu0AC+kvey
Score
10/10
Malware Config
Extracted
Family
vidar
Version
55.9
Botnet
1839
C2
https://t.me/headshotsonly
https://steamcommunity.com/profiles/76561199436777531
Attributes
-
profile_id
1839
Signatures
-
Vidar family
Files
-
Premium_FiIe_1234_Xc5_Active.rar
Password: 1234
-
X$etup-here .rar
Password: 1234
-
About/ActiveXInstallService.admx
-
About/AddRemovePrograms.admx
-
About/AppCompat.admx
-
About/AppXRuntime.admx
-
About/AppxPackageManager.admx
-
About/AttachmentManager.admx
-
About/AuditSettings.admx
-
About/AutoPlay.admx
-
About/Biometrics.admx
-
About/Bits.admx
-
About/CEIPEnable.admx
-
About/COM.admx
-
About/CipherSuiteOrder.admx
-
About/Conf.admx
-
About/ControlPanel.admx
-
About/ControlPanelDisplay.admx
-
About/Cpls.admx
-
About/CredSsp.admx
-
About/CredUI.admx
-
About/CredentialProviders.admx
-
About/CtrlAltDel.admx
-
About/DCOM.admx
-
About/DFS.admx
-
About/DWM.admx
-
About/Desktop.admx
-
About/DeviceCompat.admx
-
About/DeviceInstallation.admx
-
About/DeviceSetup.admx
-
About/DigitalLocker.admx
-
About/DiskDiagnostic.admx
-
About/DiskNVCache.admx
-
About/DiskQuota.admx
-
About/DistributedLinkTracking.admx
-
About/DnsClient.admx
-
About/EAIME.admx
-
About/EarlyLaunchAM.admx
-
About/EdgeUI.admx
-
About/EncryptFilesonMove.admx
-
About/ErrorReporting.admx
-
About/EventForwarding.admx
-
About/EventLog.admx
-
About/EventViewer.admx
-
About/Explorer.admx
-
About/ExternalBoot.admx
-
About/FileHistory.admx
-
About/FileRecovery.admx
-
About/FileRevocation.admx
-
About/FileServerVSSProvider.admx
-
About/FileSys.admx
-
About/Globalization.admx
-
About/GroupPolicy-Server.admx
-
About/GroupPolicy.admx
-
About/GroupPolicyPreferences.admx
-
About/Help.admx
-
About/HelpAndSupport.admx
-
About/ICM.admx
-
About/IIS.admx
-
About/InkWatson.admx
-
About/Kerberos.admx
-
About/LanmanServer.admx
-
About/LeakDiagnostic.admx
-
About/LinkLayerTopologyDiscovery.admx
-
About/LocationProviderAdm.admx
-
About/Logon.admx
-
About/MMC.admx
-
About/MMCSnapIns2.admx
-
About/MMCSnapins.admx
-
About/MSDT.admx
-
About/MSI.admx
-
About/MediaCenter.admx
-
About/MobilePCMobilityCenter.admx
-
About/MobilePCPresentationSettings.admx
-
About/Msi-FileRecovery.admx
-
About/NAPXPQec.admx
-
About/NCSI.admx
-
About/Netlogon.admx
-
About/NetworkConnections.admx
-
About/NetworkIsolation.admx
-
About/NetworkProjection.admx
-
About/OfflineFiles.admx
-
About/P2P-pnrp.admx
-
About/ParentalControls.admx
-
About/PeerToPeerCaching.admx
-
About/PenTraining.admx
-
About/PerformanceDiagnostics.admx
-
About/PerformancePerftrack.admx
-
About/Power.admx
-
About/PowerShellExecutionPolicy.admx
-
About/PreviousVersions.admx
-
About/Printing.admx
-
About/Printing2.admx
-
About/Programs.admx
-
About/PswdSync.admx
-
About/QOS.admx
-
About/RPC.admx
-
About/RacWmiProv.admx
-
About/Radar.admx
-
About/ReAgent.admx
-
About/Reliability.admx
-
About/RemoteAssistance.admx
-
About/RemovableStorage.admx
-
About/Scripts.admx
-
About/Securitycenter.admx
-
About/Sensors.admx
-
About/ServerManager.admx
-
About/Servicing.admx
-
About/SettingSync.admx
-
About/Setup.admx
-
About/SharedFolders.admx
-
About/Sharing.admx
-
About/Shell-CommandPrompt-RegEditTools.admx
-
About/ShellWelcomeCenter.admx
-
About/Sidebar.admx
-
About/SkyDrive.admx
-
About/Smartcard.admx
-
About/Snis.admx
-
About/Snmp.admx
-
About/SoundRec.admx
-
About/StartMenu.admx
-
About/SystemRestore.admx
-
About/TPM.admx
-
About/TabletPCInputPanel.admx
-
About/TabletShell.admx
-
About/TaskScheduler.admx
-
About/Taskbar.admx
-
About/TerminalServer-Server.admx
-
About/TerminalServer.admx
-
About/Thumbnails.admx
-
About/TouchInput.admx
-
About/UserProfiles.admx
-
About/VolumeEncryption.admx
-
About/W32Time.admx
-
About/WCM.admx
-
About/WDI.admx
-
About/WPN.admx
-
About/WinCal.admx
-
About/WinInit.admx
-
About/WinLogon.admx
-
About/Windows.admx
-
About/WindowsAnytimeUpgrade.admx
-
About/WindowsBackup.admx
-
About/WindowsColorSystem.admx
-
About/WindowsConnectNow.admx
-
About/WindowsDefender.admx
-
About/WindowsExplorer.admx
-
About/WindowsFileProtection.admx
-
About/WindowsFirewall.admx
-
About/WindowsMail.admx
-
About/WindowsMediaDRM.admx
-
About/WindowsMediaPlayer.admx
-
About/WindowsMessenger.admx
-
About/WindowsProducts.admx
-
About/WindowsRemoteManagement.admx
-
About/WindowsRemoteShell.admx
-
About/WindowsServer.admx
-
About/WindowsUpdate.admx
-
About/Winsrv.admx
-
About/WordWheel.admx
-
About/WorkFolders-Client.admx
-
About/WorkplaceJoin.admx
-
About/en-USA/ActiveXInstallService.adml
-
About/en-USA/AddRemovePrograms.adml
-
About/en-USA/AppCompat.adml
-
About/en-USA/AppXRuntime.adml
-
About/en-USA/AppxPackageManager.adml
-
About/en-USA/AttachmentManager.adml
-
About/en-USA/AuditSettings.adml
-
About/en-USA/AutoPlay.adml
-
About/en-USA/Biometrics.adml
-
About/en-USA/Bits.adml
-
About/en-USA/CEIPEnable.adml
-
About/en-USA/COM.adml
-
About/en-USA/CipherSuiteOrder.adml
-
About/en-USA/Conf.adml
-
About/en-USA/ControlPanel.adml
-
About/en-USA/ControlPanelDisplay.adml
-
About/en-USA/Cpls.adml
-
About/en-USA/CredSsp.adml
-
About/en-USA/CredUI.adml
-
About/en-USA/CredentialProviders.adml
-
About/en-USA/CtrlAltDel.adml
-
About/en-USA/DCOM.adml
-
About/en-USA/DFS.adml
-
About/en-USA/DWM.adml
-
About/en-USA/Desktop.adml
-
About/en-USA/DeviceCompat.adml
-
About/en-USA/DeviceInstallation.adml
-
About/en-USA/DeviceSetup.adml
-
About/en-USA/DigitalLocker.adml
-
About/en-USA/DiskDiagnostic.adml
-
About/en-USA/DiskNVCache.adml
-
About/en-USA/DiskQuota.adml
-
About/en-USA/DistributedLinkTracking.adml
-
About/en-USA/DnsClient.adml
-
About/en-USA/EAIME.adml
-
About/en-USA/EarlyLaunchAM.adml
-
About/en-USA/EdgeUI.adml
-
About/en-USA/EncryptFilesonMove.adml
-
About/en-USA/ErrorReporting.adml
-
About/en-USA/EventForwarding.adml
-
About/en-USA/EventLog.adml
-
About/en-USA/EventViewer.adml
-
About/en-USA/Explorer.adml
-
About/en-USA/ExternalBoot.adml
-
About/en-USA/FileHistory.adml
-
About/en-USA/FileRecovery.adml
-
About/en-USA/FileRevocation.adml
-
About/en-USA/FileServerVSSProvider.adml
-
About/en-USA/FileSys.adml
-
About/en-USA/FolderRedirection.adml
-
About/en-USA/FramePanes.adml
-
About/en-USA/GameExplorer.adml
-
About/en-USA/Globalization.adml
-
About/en-USA/GroupPolicy-Server.adml
-
About/en-USA/GroupPolicy.adml
-
About/en-USA/GroupPolicyPreferences.adml
-
About/en-USA/Help.adml
-
About/en-USA/HelpAndSupport.adml
-
About/en-USA/ICM.adml
-
About/en-USA/IIS.adml
-
About/en-USA/InetRes.adml
-
About/en-USA/InkWatson.adml
-
About/en-USA/KDC.adml
-
About/en-USA/Kerberos.adml
-
About/en-USA/LanmanServer.adml
-
About/en-USA/LeakDiagnostic.adml
-
About/en-USA/LinkLayerTopologyDiscovery.adml
-
About/en-USA/LocationProviderAdm.adml
-
About/en-USA/Logon.adml
-
About/en-USA/MMC.adml
-
About/en-USA/MMCSnapIns2.adml
-
About/en-USA/MMCSnapins.adml
-
About/en-USA/MSDT.adml
-
About/en-USA/MSI.adml
-
About/en-USA/MediaCenter.adml
-
About/en-USA/MobilePCMobilityCenter.adml
-
About/en-USA/MobilePCPresentationSettings.adml
-
About/en-USA/Msi-FileRecovery.adml
-
About/en-USA/NAPXPQec.adml
-
About/en-USA/NCSI.adml
-
About/en-USA/Netlogon.adml
-
About/en-USA/NetworkConnections.adml
-
About/en-USA/NetworkIsolation.adml
-
About/en-USA/NetworkProjection.adml
-
About/en-USA/OfflineFiles.adml
-
About/en-USA/P2P-pnrp.adml
-
About/en-USA/ParentalControls.adml
-
About/en-USA/PeerToPeerCaching.adml
-
About/en-USA/PenTraining.adml
-
About/en-USA/PerformanceDiagnostics.adml
-
About/en-USA/PerformancePerftrack.adml
-
About/en-USA/Power.adml
-
About/en-USA/PowerShellExecutionPolicy.adml
-
About/en-USA/PreviousVersions.adml
-
About/en-USA/Printing.adml
-
About/en-USA/Printing2.adml
-
About/en-USA/Programs.adml
-
About/en-USA/PswdSync.adml
-
About/en-USA/QOS.adml
-
About/en-USA/RPC.adml
-
About/en-USA/RacWmiProv.adml
-
About/en-USA/Radar.adml
-
About/en-USA/ReAgent.adml
-
About/en-USA/Reliability.adml
-
About/en-USA/RemoteAssistance.adml
-
About/en-USA/RemovableStorage.adml
-
About/en-USA/Scripts.adml
-
About/en-USA/Securitycenter.adml
-
About/en-USA/Sensors.adml
-
About/en-USA/ServerManager.adml
-
About/en-USA/Servicing.adml
-
About/en-USA/SettingSync.adml
-
About/en-USA/Setup.adml
-
About/en-USA/SharedFolders.adml
-
About/en-USA/Sharing.adml
-
About/en-USA/Shell-CommandPrompt-RegEditTools.adml
-
About/en-USA/ShellWelcomeCenter.adml
-
About/en-USA/Sidebar.adml
-
About/en-USA/SkyDrive.adml
-
About/en-USA/Smartcard.adml
-
About/en-USA/Snis.adml
-
About/en-USA/Snmp.adml
-
About/en-USA/SoundRec.adml
-
About/en-USA/StartMenu.adml
-
About/en-USA/SystemRestore.adml
-
About/en-USA/TPM.adml
-
About/en-USA/TabletPCInputPanel.adml
-
About/en-USA/TabletShell.adml
-
About/en-USA/TaskScheduler.adml
-
About/en-USA/Taskbar.adml
-
About/en-USA/TerminalServer-Server.adml
-
About/en-USA/TerminalServer.adml
-
About/en-USA/Thumbnails.adml
-
About/en-USA/TouchInput.adml
-
About/en-USA/UserProfiles.adml
-
About/en-USA/VolumeEncryption.adml
-
About/en-USA/W32Time.adml
-
About/en-USA/WCM.adml
-
About/en-USA/WDI.adml
-
About/en-USA/WPN.adml
-
About/en-USA/WinCal.adml
-
About/en-USA/WinInit.adml
-
About/en-USA/WinLogon.adml
-
About/en-USA/Windows.adml
-
About/en-USA/WindowsAnytimeUpgrade.adml
-
About/en-USA/WindowsBackup.adml
-
About/en-USA/WindowsColorSystem.adml
-
About/en-USA/WindowsConnectNow.adml
-
About/en-USA/WindowsDefender.adml
-
About/en-USA/WindowsExplorer.adml
-
About/en-USA/WindowsFileProtection.adml
-
About/en-USA/WindowsFirewall.adml
-
About/en-USA/WindowsMail.adml
-
About/en-USA/WindowsMediaDRM.adml
-
About/en-USA/WindowsMediaPlayer.adml
-
About/en-USA/WindowsMessenger.adml
-
About/en-USA/WindowsProducts.adml
-
About/en-USA/WindowsRemoteManagement.adml
-
About/en-USA/WindowsRemoteShell.adml
-
About/en-USA/WindowsServer.adml
-
About/en-USA/WindowsUpdate.adml
-
About/en-USA/Winsrv.adml
-
About/en-USA/WordWheel.adml
-
About/en-USA/WorkFolders-Client.adml
-
About/en-USA/WorkplaceJoin.adml
-
About/en-USA/fthsvc.adml
-
About/en-USA/hotspotauth.adml
-
About/en-USA/iSCSI.adml
-
About/en-USA/msched.adml
-
About/en-USA/nca.adml
-
About/en-USA/pca.adml
-
About/en-USA/sdiageng.adml
-
About/en-USA/srm-fci.adml
-
About/en-USA/tcpip.adml
-
About/en-USA/wlansvc.adml
-
About/en-USA/wwansvc.adml
-
About/hotspotauth.admx
-
About/iSCSI.admx
-
About/inetres.admx
-
About/kdc.admx
-
About/msched.admx
-
About/nca.admx
-
About/pca.admx
-
About/sdiageng.admx
-
About/srm-fci.admx
-
About/tcpip.admx
-
About/wlansvc.admx
-
About/wwansvc.admx
-
Setup.exe
Password: 1234
d8c9c0350ce0254269505a253d4be7ee
Headers
Imports
Sections