vidar | 4820-153-0x00000000007E0000-0x0000000000C69000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

4820-153-0...ry.exe

windows7-x64

1

4820-153-0...ry.exe

windows10-2004-x64

3

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4820-153-0x00000000007E0000-0x0000000000C69000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

4820-153-0x00000000007E0000-0x0000000000C69000-memory.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

4820-153-0x00000000007E0000-0x0000000000C69000-memory.dmp
Size

4.5MB
MD5

9bcddf4bb5eef4bab9ed6562bec28b02
SHA1

1d995f5d7513ecf461d37d852a9cb752c3f467aa
SHA256

457662251da30750dc41fc1052444ae3c65c1bf15b3c69ce71135a919cebedc3
SHA512

fc43b2aeff832266eb8d97ae37e79663b2038322f530d23be2a263ce0d2dfe7db50d24912ec8560dec318f3be74a0dfdd4cd27ddf8c0fcf115de4e0b89392497
SSDEEP

49152:ackARKSry5qJ+W2VLkoEsCV+83uj+hH5Uz1OvJFpK:acESNwLzEFV+v+x5URsv

Score

10^/10

237 vidar

Malware Config

Extracted

Family

vidar

Version

2.2

Botnet

237

C2

https://t.me/litlebey

https://steamcommunity.com/profiles/76561199472399815

Attributes

profile_id
237

Signatures

Vidar family
vidar

Files

4820-153-0x00000000007E0000-0x0000000000C69000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 1.5MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy