Overview

overview

10

Static

static

10

1712-54-0x...ry.exe

windows7-x64

10

1712-54-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1712-54-0x0000000000F90000-0x0000000001A70000-memory.dmp

  • Size

    10.9MB

  • Sample

    230323-2m4hfacf4v

  • MD5

    3265c31a3799156571d9c50deaf78653

  • SHA1

    b336f3a80257419b8f06484d8371e68c748d6031

  • SHA256

    9e715be4b381a3426aeae4efdfd3a12f3cad06ea56a91a2aba1d602e643d04a8

  • SHA512

    ba8f2ab1bd3e59f58b4478dd8531c89ded83af50c197787649d299eda26fc4652f4ee918fd36887c735dc40200b424594342905527bac33be9897ef17d836a6f

  • SSDEEP

    196608:7LAZcU5WnuOCzvqHweDNI1HxioJwZigmIpCCK3+:7LA55WPCYvNIX/JmbLp3c+

Score
10/10
vidarstealerthemidavmprotect

Malware Config

Targets

    • Target

      1712-54-0x0000000000F90000-0x0000000001A70000-memory.dmp

    • Size

      10.9MB

    • MD5

      3265c31a3799156571d9c50deaf78653

    • SHA1

      b336f3a80257419b8f06484d8371e68c748d6031

    • SHA256

      9e715be4b381a3426aeae4efdfd3a12f3cad06ea56a91a2aba1d602e643d04a8

    • SHA512

      ba8f2ab1bd3e59f58b4478dd8531c89ded83af50c197787649d299eda26fc4652f4ee918fd36887c735dc40200b424594342905527bac33be9897ef17d836a6f

    • SSDEEP

      196608:7LAZcU5WnuOCzvqHweDNI1HxioJwZigmIpCCK3+:7LA55WPCYvNIX/JmbLp3c+

    Score
    10/10
    vidarstealerthemidavmprotect

    • Vidar

      Vidar is an infostealer based on Arkei stealer.

      stealervidar

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks