vidar | d2d26976da3286exeexeexeex[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2d26976da3286exeexeexeex.exe
Size

2.7MB
MD5

d2d26976da3286e99fc4f36e54a9bc81
SHA1

727341f95231f14a6cf41bdcc4d2508da8dd861c
SHA256

675404cf59fe41bd218a202766304234887e749e6d5a7dcc5c2795af4f49f63e
SHA512

8800c632427c86887331e32890188e5402fb0be15856cc71670be109ffbe3c7934af015071fa816daa8b4cd13b79e4dbe6ac9acd2294e775393e8bb3ce8a4096
SSDEEP

6144:Ye/h0TMPIRSVfGXb195t8v9+uSA9fn1ybNJ6FaGB6hV2Aif5+4://hNgMx4t88vkf1CNJ6FFBST4

Score

10^/10

vidar

Malware Config

Signatures

Vidar family
vidar

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2d26976da3286exeexeexeex.exe

Files

d2d26976da3286exeexeexeex.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ