Analysis

  • max time kernel
    146s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    28-12-2023 04:12

General

  • Target

    c2c5ae378d32a04091695ea8bf7ab9c1.exe

  • Size

    667KB

  • MD5

    c2c5ae378d32a04091695ea8bf7ab9c1

  • SHA1

    b75f1d2ca238bccfdadbeaac0f86aa01151d45d2

  • SHA256

    1ae48437789e2076e6057d8ed5b953d099cfaea76f4f07a54d2916be3688d720

  • SHA512

    38e5d4676f0181fe15dc566f36a16102f16cb3462bbd8a345044c6360f59244000ab035c5506e0d63981c1c5b3d7ed8e9cc586aba49da504c5abd4dba8784801

  • SSDEEP

    12288:yJIdvRzdqwC41iC5wMxWpeQ3RICKj/6Y5PiHdOBynXAh5ueun6sTFG3KxJ:pRzdqTMxOziHuY5tynKXunZTQQ

Score
10/10

Malware Config

Extracted

Family

vidar

Version

39.7

Botnet

706

C2

https://shpak125.tumblr.com/

Attributes
  • profile_id

    706

Signatures

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

  • Vidar Stealer 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c2c5ae378d32a04091695ea8bf7ab9c1.exe
    "C:\Users\Admin\AppData\Local\Temp\c2c5ae378d32a04091695ea8bf7ab9c1.exe"
    PID: 3360

Downloads

  • memory/3360-2-0x0000000002220000-0x00000000022BD000-memory.dmp

    Filesize

    628KB

  • memory/3360-3-0x0000000000400000-0x00000000004C3000-memory.dmp

    Filesize

    780KB

  • memory/3360-1-0x0000000000680000-0x0000000000780000-memory.dmp

    Filesize

    1024KB

  • memory/3360-13-0x0000000000400000-0x00000000004C3000-memory.dmp

    Filesize

    780KB

  • memory/3360-16-0x0000000002220000-0x00000000022BD000-memory.dmp

    Filesize

    628KB

  • memory/3360-15-0x0000000000680000-0x0000000000780000-memory.dmp

    Filesize

    1024KB