Analysis
-
max time kernel
147s -
max time network
151s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
25-01-2023 11:13
General
-
Target
c7527552e464aaa5542ae881af3f226267d6821a842686d90727c092c7dd8053.exe
-
Size
428KB
-
MD5
51c7bf8f21a041942f3f307d5667ec1b
-
SHA1
8bb72efd6a0ce17720e75e7c8e39698deaf0c4b8
-
SHA256
c7527552e464aaa5542ae881af3f226267d6821a842686d90727c092c7dd8053
-
SHA512
91ac2036b8a89ff901d6fd1de301b7709a0af82ce40a09599df60141e7114b6275e40be6126bfe14f8dc8d1fac6fa2e6d6b514619dac7552b3c57e31d6e12ec8
-
SSDEEP
6144:piEsLX1A5bOi8qvU7xZa8V50taXV6x6pvYk0E32P61hJFIJfVAVrwU+:0972brjv6c8VbfpvYJE32P6PHgtyQ
Score
10/10
Malware Config
Extracted
Family
vidar
Version
1.6
Botnet
24
C2
https://t.me/ibommat
https://steamcommunity.com/profiles/76561199446766594
Attributes
-
profile_id
24
Signatures
-
Vidar
Vidar is an infostealer based on Arkei stealer.
Processes
-
C:\Users\Admin\AppData\Local\Temp\c7527552e464aaa5542ae881af3f226267d6821a842686d90727c092c7dd8053.exe"C:\Users\Admin\AppData\Local\Temp\c7527552e464aaa5542ae881af3f226267d6821a842686d90727c092c7dd8053.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/848-54-0x000000000065C000-0x0000000000689000-memory.dmpFilesize
180KB
-
memory/848-55-0x0000000000220000-0x0000000000273000-memory.dmpFilesize
332KB
-
memory/848-56-0x0000000000400000-0x0000000000471000-memory.dmpFilesize
452KB
-
memory/848-57-0x00000000767C1000-0x00000000767C3000-memory.dmpFilesize
8KB