vidar | e758e8d9577f4f4ad09e8b7eb5902d51[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e758e8d9577f4f4ad09e8b7eb5902d51.bin
Size

3.8MB
MD5

e758e8d9577f4f4ad09e8b7eb5902d51
SHA1

d653acb60d964db7b73dbd946b0e55ab0e06ea96
SHA256

ea95dd443e3ee8bf189e10e0dc19a048971a0aa9db4ccb94827984a43c2330b9
SHA512

f78df3310298989366b70e16d81915f5cc4d0f4a644a34da6b1ad4ad821799acba5cbcb4f88b992d2f780c5dd621e2adea76ab29bb1044bec8360c99a66333a6
SSDEEP

6144:aUNdslLON1aPsi5chCRXmI4/LusZbXm+QRArNVJCnfhOqU2WBMYUB:axGwP/OWOxXm+4A9Cn+lKxB

Score

10^/10

vidar

Malware Config

Signatures

Vidar family
vidar

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e758e8d9577f4f4ad09e8b7eb5902d51.bin

Files

e758e8d9577f4f4ad09e8b7eb5902d51.bin
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ