Analysis

  • max time kernel
    31s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20221111-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    08-01-2023 17:12

General

  • Target

    file.exe

  • Size

    378KB

  • MD5

    d04f810bfbbe317de56b3312dbf9a82d

  • SHA1

    acdab704ca02ce5c466b2586e101002d319c8ba6

  • SHA256

    723f833a06244d7601591949fae724e0176ca30ae9582f86848d20ffe0e33b77

  • SHA512

    22865b8dbd84fd905f770f81afa63ac730f5c4dcb73a825cb595d3a9abb7bd07974a778eccc0fc5a2593e523c39a6bb679c3420b817b3d831e9c3dceefe5698c

  • SSDEEP

    6144:HCLkrJ7DaNcv+6vZQVu/1bDD1NhEXJXydSoOuNl:HCgN7DaN0bvWE1bDThEXJXyzJl

Score
10/10

Malware Config

Extracted

Family

vidar

Version

1.8

Botnet

24

C2

https://t.me/year2023start

https://steamcommunity.com/profiles/76561199467421923

Attributes
  • profile_id

    24

Signatures

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

Processes

  • C:\Users\Admin\AppData\Local\Temp\file.exe
    "C:\Users\Admin\AppData\Local\Temp\file.exe"
    PID: 956

    Downloads

    • memory/956-54-0x0000000002CDD000-0x0000000002D0A000-memory.dmp
      Filesize

      180KB

    • memory/956-55-0x0000000000220000-0x000000000026C000-memory.dmp
      Filesize

      304KB

    • memory/956-56-0x0000000000400000-0x0000000002BC7000-memory.dmp
      Filesize

      39.8MB
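    The following triage script is an added example and is not part of the sandbox report or of any Vidar tooling. It checks a candidate file's MD5/SHA1/SHA256/SHA512 against the hashes listed under General above, and carves printable ASCII and UTF-16LE strings out of the memory dumps listed above to pull out URLs of the two kinds the report extracted as C2: a Telegram channel and a Steam profile, which Vidar samples use as dead-drop locations for their real C2 address. The generic URL regex is an assumption that generalises the two URLs in the report to other channel and profile names; the `triage` function reports both any dead-drop URL found and which of them match the report's C2 list.

    ```python
    """Hash check and dead-drop URL carving for the Vidar sample described above (added example)."""
    import hashlib
    import re
    import sys
    from pathlib import Path

    # Indicators copied from the report on this page.
    REPORT_HASHES = {
        "md5": "d04f810bfbbe317de56b3312dbf9a82d",
        "sha1": "acdab704ca02ce5c466b2586e101002d319c8ba6",
        "sha256": "723f833a06244d7601591949fae724e0176ca30ae9582f86848d20ffe0e33b77",
        "sha512": "22865b8dbd84fd905f770f81afa63ac730f5c4dcb73a825cb595d3a9abb7bd07"
                  "974a778eccc0fc5a2593e523c39a6bb679c3420b817b3d831e9c3dceefe5698c",
    }
    REPORT_C2 = {
        "https://t.me/year2023start",
        "https://steamcommunity.com/profiles/76561199467421923",
    }

    # Printable runs of at least 8 characters, narrow and wide (like `strings -a` / `strings -el`).
    ASCII_RUN = re.compile(rb"[\x20-\x7e]{8,}")
    WIDE_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){8,}")

    # Assumption: generalises the two report URLs to any Telegram channel or Steam profile URL.
    DEAD_DROP_URL = re.compile(
        r"https?://(?:t\.me/[A-Za-z0-9_]+|steamcommunity\.com/profiles/\d+)"
    )


    def hash_file_bytes(data: bytes) -> dict:
        """Compute the same four digests the report lists, keyed by algorithm name."""
        return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


    def matches_report(data: bytes) -> bool:
        """True only if every digest equals the value from the report."""
        return hash_file_bytes(data) == REPORT_HASHES


    def extract_strings(data: bytes):
        """Yield printable ASCII and UTF-16LE runs found in a memory dump."""
        for m in ASCII_RUN.finditer(data):
            yield m.group().decode("ascii")
        for m in WIDE_RUN.finditer(data):
            yield m.group().decode("utf-16-le")


    def find_dead_drops(data: bytes) -> list:
        """Return the unique dead-drop style URLs present in data, in either string encoding."""
        found = set()
        for s in extract_strings(data):
            found.update(DEAD_DROP_URL.findall(s))
        return sorted(found)


    def triage(data: bytes) -> dict:
        """Hash match plus carved URLs, with the subset that matches the report's C2 list."""
        urls = find_dead_drops(data)
        return {
            "hash_match": matches_report(data),
            "dead_drops": urls,
            "known_c2_hits": sorted(u for u in urls if u in REPORT_C2),
        }


    if __name__ == "__main__":
        # Usage: python vidar_triage.py file.exe memory/956-55-0x0000000000220000-0x000000000026C000-memory.dmp
        for arg in sys.argv[1:]:
            print(arg, triage(Path(arg).read_bytes()))
    ```

    Run it over the dropped file and the three memory dumps; the 304KB dump at 0x220000 is the most likely place to find the decrypted config strings, since the 0x400000 region is the mapped image and the first dump is a small heap slice.
    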