Analysis
max time kernel: 155s
max time network: 183s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 30-12-2023 13:20
Static task: static1 (1 signatures)
Behavioral task: behavioral1
Sample: 19ca7407319e34670c18f6a593481ef7.exe
Resource: win7-20231215-en
3 signatures, 150 seconds
General
Target: 19ca7407319e34670c18f6a593481ef7.exe
Size: 573KB
MD5: 19ca7407319e34670c18f6a593481ef7
SHA1: f55d5fc6947ab89d5ca925937cd6dacae5c4a97d
SHA256: 41fbd8eea7c632625a8a403042fe23906fb5f51e88e027f722e185a1fedd1e48
SHA512: d89615b5c26a45a3f59d530bc4a1d122252bf73176cdba771dd52dca269313e367767cc618dac74f7139f19167a37c8bb905f204dcbccbaf711acafc52cf4cdd
SSDEEP: 12288:1fPDILmGVsZA99FOpikHfR6PN/tC5ivVAYEPys0oBMQ1x7U:1jIKzQ+ik/RQu5ivVAX/0iMQHI
Malware Config
Extracted
Family: vidar
Version: 39.7
Botnet: 706
C2: https://shpak125.tumblr.com/
Attributes
profile_id: 706
Signatures
Vidar Stealer (4 IoCs)
Processes:
resource  yara_rule
behavioral2/memory/3096-2-0x00000000021F0000-0x000000000228D000-memory.dmp  family_vidar
behavioral2/memory/3096-3-0x0000000000400000-0x00000000004A9000-memory.dmp  family_vidar
behavioral2/memory/3096-13-0x0000000000400000-0x00000000004A9000-memory.dmp  family_vidar
behavioral2/memory/3096-16-0x00000000021F0000-0x000000000228D000-memory.dmp  family_vidar