vidar | 48921370x0000000000400000[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48921370x0000000000400000.dmp
Size

476KB
MD5

6622383524456910158b47a13d446a96
SHA1

cc39d609572e1bb8def1ef113b99a0f93d9ed5fa
SHA256

940faaed5d383ba32749a8dd02ba6c5754f86630acebeb40c33b44f6b52945b7
SHA512

fe9962f652fc1c0174eca62da38ebc360a92d2411d06effa611c6f9e8ba6eb19b5d23393e4f1ce4a47995a1a4b2f8a2ef90df5712da7207c618d70eab2b7db14
SSDEEP

6144:xCyiXVZhMMOP/AXh/PP6IEWEonebA8mUG05UJKH2khp9j5kz+i9moRQqJgbEahrJ:xdiXZMbKCxWIW+kmoRQq2bEyiPfIn

Score

10^/10

vidar

Malware Config

Signatures

Vidar family
vidar

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48921370x0000000000400000.dmp

Files

48921370x0000000000400000.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ