vidar | 3ffbe52a7d0aca786b0c10493f02289a5c537524b6dbd6c0c66c4b6dab55a7ab

Analysis

max time kernel
144s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
09-01-2024 18:37

Target

4ea1510a1a5fa287f256d6f40c29f162.exe
Size

591KB
MD5

4ea1510a1a5fa287f256d6f40c29f162
SHA1

8c428817acea6b2873c00fbea5382e93e56f8aa3
SHA256

3ffbe52a7d0aca786b0c10493f02289a5c537524b6dbd6c0c66c4b6dab55a7ab
SHA512

507b33b488ada41d330dde05654f2937f52b905f5de6a85aa7684c5cac4462152250fe589dc5382998f231b9eaaac394f126842927469834732027f02d5813af
SSDEEP

6144:YOAgpn3TPloNv1QpD5z6z168PIMEVfZe6vv5k6oYwDA1Kp7ab3MISlSIzNFBPAn7:YvgBGEpFz6z0bMkvx9SDAIhDRZFBPAi

Score

10^/10

vidar 818 stealer

Family

vidar

Version

39.7

Botnet

818

https://shpak125.tumblr.com/

Attributes

Vidar Stealer 4 IoCs

stealer

Processes:

resource	yara_rule
behavioral2/memory/2524-2-0x00000000025E0000-0x000000000267D000-memory.dmp	family_vidar
behavioral2/memory/2524-3-0x0000000000400000-0x00000000008FE000-memory.dmp	family_vidar
behavioral2/memory/2524-13-0x0000000000400000-0x00000000008FE000-memory.dmp	family_vidar
behavioral2/memory/2524-16-0x00000000025E0000-0x000000000267D000-memory.dmp	family_vidar

C:\Users\Admin\AppData\Local\Temp\4ea1510a1a5fa287f256d6f40c29f162.exe
"C:\Users\Admin\AppData\Local\Temp\4ea1510a1a5fa287f256d6f40c29f162.exe"
1⤵
PID:2524

memory/2524-1-0x0000000000920000-0x0000000000A20000-memory.dmp

Filesize
1024KB

Download
memory/2524-2-0x00000000025E0000-0x000000000267D000-memory.dmp

Filesize
628KB

Download
memory/2524-3-0x0000000000400000-0x00000000008FE000-memory.dmp

Filesize
5.0MB

Download
memory/2524-13-0x0000000000400000-0x00000000008FE000-memory.dmp

Filesize
5.0MB

Download
memory/2524-14-0x0000000000920000-0x0000000000A20000-memory.dmp

Filesize
1024KB

Download
memory/2524-16-0x00000000025E0000-0x000000000267D000-memory.dmp

Filesize
628KB

Download