vidar | 16081380x00000000010A0000[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16081380x00000000010A0000.dmp
Size

472KB
MD5

d0b8092f4df6e7a2f98db456c5c010ad
SHA1

962ec0be3b1a1efaf40750fa8956a6975927a719
SHA256

ef44927bffc58d3f90e274d1654dcdb24cfe78dabac2e4ce28a798ac7965a98c
SHA512

b5b21788d3534351c5416a8e933f814a9a8d1304042f77045da3d7a171eba500b8078b31e4e3b5a05a2dad3d7a6117945af1b873e9ff08903209ebaec9bdb516
SSDEEP

12288:jAJimGA0vaJkps+2rmILafjEp1DiPDIn:mYA0va6pc3afjyiPD

Score

10^/10

vidar

Malware Config

Signatures

Vidar family
vidar

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16081380x00000000010A0000.dmp

Files

16081380x00000000010A0000.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ