Analysis

  • max time kernel
    114s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    29-11-2022 08:42

General

  • Target

    591835d00134e24ab87d8dd53a1fced015c3cee18f49ac435f28dc2af024bf92.exe

  • Size

    4.0MB

  • MD5

    37eb7e578bc1b48c2001eb7aa3eb1062

  • SHA1

    20e4b7bff24d30f72d90bc2fa41649a347e70ffd

  • SHA256

    591835d00134e24ab87d8dd53a1fced015c3cee18f49ac435f28dc2af024bf92

  • SHA512

    aa056dbe9195d1cef1e4a1f9937538896a5c2b12da9b9ead4ee97c26ef210a31d70dd2bd46cba9de6e50a70389b5fa4b55164af7e637595e30a7abea79f295b1

  • SSDEEP

    98304:TgQlcmsRh4de3XKadvP84mza0stsYFxmRg:TgQamsRhr3XKay4+vsFh

Score
10/10

Malware Config

Extracted

Family

vidar

Version

55.8

Botnet

1142

C2

https://t.me/headshotsonly

https://steamcommunity.com/profiles/76561199436777531

Attributes
  • profile_id

    1142

Signatures

  • Vidar

    Vidar is an infostealer based on the Arkei stealer.

Processes

  • C:\Users\Admin\AppData\Local\Temp\591835d00134e24ab87d8dd53a1fced015c3cee18f49ac435f28dc2af024bf92.exe
    "C:\Users\Admin\AppData\Local\Temp\591835d00134e24ab87d8dd53a1fced015c3cee18f49ac435f28dc2af024bf92.exe"
    1⤵
      PID:4320

Downloads

  • memory/4320-132-0x0000000000EE0000-0x0000000001514000-memory.dmp
    Filesize
    6.2MB