vidar | 4592-282-0x0000000000400000-0x0000000000471000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4592-282-0x0000000000400000-0x0000000000471000-memory.dmp
Size

452KB
MD5

481dba64ae1ca5a9d6cc611c1d3f4ad1
SHA1

0153bd712a3070fa56127ca4b2e52890d76cea7e
SHA256

cc6faa10f7f78d0e4ab70c57c2fba350fc024c974dc008b7cc3cc8ca17d92078
SHA512

b2fee9ab76d305f4a3146424e8ade45ca3f52389ef1d8ea03b0a74a69b889b9db4491609d32178ed5685ec05fbe0ee1cf13c687e92387ea7d296e20763700d60
SSDEEP

6144:FoJrOvNTzTM5OGrcpK0sEdmV8aIaq8YNf7H6IQrqmGNHzUa9PwK:2JrOvNHwBcArV05R7H6IQRGNH3wK

Score

10^/10

vidar

Malware Config

Signatures

Vidar family
vidar

Files

4592-282-0x0000000000400000-0x0000000000471000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ