vidar | 5f3172035521ceexeexeexeex[.]exe | Triage

Sharing

General

Target

5f3172035521ceexeexeexeex.exe
Size

452KB
MD5

5f3172035521ce9fee3bfeef2c26ef4a
SHA1

8b14beb82e60700622d597ae590997bb4e768fdf
SHA256

5f38834ff0dff0720a2d055ee1ea2628fc1fef35d6ae76e634a18bbc073cf463
SHA512

38af89568de1b3a7e185245a6601e0fbe949b82f150623061f385fbbb4928d1582581b1f55e2d8550e79240916c5a6eee77b39b2fa2fcc52bd934923f53d14c4
SSDEEP

6144:7Vv/3min9NW2AzQTShI21g6BCW7zfmSazcn4v4sHwyCU5Ax5/rKAl:Zv/33ntA8A1phKJcn4vxQysfNl

Score

10^/10

vidar

Malware Config

Signatures

Vidar family
vidar

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f3172035521ceexeexeexeex.exe

Files

5f3172035521ceexeexeexeex.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ