vidar | 4a5b066c19a3626f361a9fade04d8310[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a5b066c19a3626f361a9fade04d8310.bin
Size

3.8MB
MD5

4a5b066c19a3626f361a9fade04d8310
SHA1

bdb12c872ff94c820c4af4531f00ce1f802b43c0
SHA256

e6577c6ac9a13bc98a687dbce4afa4c0049cf62acea07820338d428afea43a34
SHA512

42a09fa6fdab5fc25ccd287aeeb5990d9c7467e9e2a2608112d932843adb33d07f4073b8e0a08970a86552780110e5f92fdaadd6c9b5baced8cacacbba1ea14b
SSDEEP

6144:1UNdslLON1aPsi5chCRXmI4/LusZbXm+QRAxNVJCjfhOqU2SBMYUB:1xGwP/OWOxXm+4AbCj+1KxB

Score

10^/10

vidar

Malware Config

Signatures

Vidar family
vidar

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a5b066c19a3626f361a9fade04d8310.bin

Files

4a5b066c19a3626f361a9fade04d8310.bin
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ