Analysis
-
max time kernel
28s -
max time network
30s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
25-01-2023 11:14
General
-
Target
e7c48cfe74cdb8db5a0f76a270dd9af538d309f3fe697db1091896e5647003a3.exe
-
Size
359KB
-
MD5
7b05eb43920606053128de152e4efd49
-
SHA1
985543ba3d60aaed5f530f50025505a447154552
-
SHA256
e7c48cfe74cdb8db5a0f76a270dd9af538d309f3fe697db1091896e5647003a3
-
SHA512
6df9e3ae57a3a5e12b1319b6138a74eb1c45a2f1956b1cdf28eafae0108cbeff6207bad9108fa67ae0d9dc9094b230ca6c9818b94154140b42542ac43ee0e435
-
SSDEEP
6144:WLhBi/a1r13C4XJQZB6y1ieE9Pa/DX8QXvvlrExeeNOPukyFpjcK:W1BiCP3ZXJsBbEeE0gevvlrRes2lpjcK
Score
10/10
Malware Config
Extracted
Family
vidar
Version
1.5
Botnet
14
C2
https://t.me/dahuasecurit
https://steamcommunity.com/profiles/76561199441999914
Attributes
-
profile_id
14
Signatures
-
Vidar
Vidar is an infostealer based on Arkei stealer.
Processes
-
C:\Users\Admin\AppData\Local\Temp\e7c48cfe74cdb8db5a0f76a270dd9af538d309f3fe697db1091896e5647003a3.exe"C:\Users\Admin\AppData\Local\Temp\e7c48cfe74cdb8db5a0f76a270dd9af538d309f3fe697db1091896e5647003a3.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1432-55-0x0000000000350000-0x00000000003A7000-memory.dmpFilesize
348KB
-
memory/1432-56-0x0000000000400000-0x000000000047E000-memory.dmpFilesize
504KB
-
memory/1432-54-0x00000000005BA000-0x00000000005EB000-memory.dmpFilesize
196KB