vidar | 78abe569fa1f4f08e8ae1947e611f9ed8cb1dbe244908c87493c578db0c2d352

Analysis

max time kernel
143s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
19-01-2024 16:59

Target

6828fe34d88005e691f01b3775aaa97d.exe
Size

561KB
MD5

6828fe34d88005e691f01b3775aaa97d
SHA1

1c988f1dc8644a7f8c8b9c87a57a8f8446446e47
SHA256

78abe569fa1f4f08e8ae1947e611f9ed8cb1dbe244908c87493c578db0c2d352
SHA512

7a97025b83b920b136ff3019d5255e8725eb8bb2fe87ae4f212f56a8bab594516c598e7272a0df05c24f8cd130d9246597aac892af2957004488508ea9695f19
SSDEEP

12288:6twVqyMNSU5kgfDL+E7XsEFSU17UpDsAryYqwoO:YQqvlKgfDCEFSU1YpDsgg

Score

10^/10

vidar 706 stealer

Family

vidar

Version

39.9

Botnet

706

https://prophefliloc.tumblr.com/

Attributes

Vidar Stealer 4 IoCs

stealer

resource	yara_rule
behavioral2/memory/2500-2-0x0000000004A60000-0x0000000004AFD000-memory.dmp	family_vidar
behavioral2/memory/2500-3-0x0000000000400000-0x0000000002CC4000-memory.dmp	family_vidar
behavioral2/memory/2500-13-0x0000000000400000-0x0000000002CC4000-memory.dmp	family_vidar
behavioral2/memory/2500-16-0x0000000004A60000-0x0000000004AFD000-memory.dmp	family_vidar

C:\Users\Admin\AppData\Local\Temp\6828fe34d88005e691f01b3775aaa97d.exe
"C:\Users\Admin\AppData\Local\Temp\6828fe34d88005e691f01b3775aaa97d.exe"
1⤵
PID:2500

memory/2500-2-0x0000000004A60000-0x0000000004AFD000-memory.dmp

Filesize
628KB

Download
memory/2500-1-0x0000000002CD0000-0x0000000002DD0000-memory.dmp

Filesize
1024KB

Download
memory/2500-3-0x0000000000400000-0x0000000002CC4000-memory.dmp

Filesize
40.8MB

Download
memory/2500-13-0x0000000000400000-0x0000000002CC4000-memory.dmp

Filesize
40.8MB

Download
memory/2500-15-0x0000000002CD0000-0x0000000002DD0000-memory.dmp

Filesize
1024KB

Download
memory/2500-16-0x0000000004A60000-0x0000000004AFD000-memory.dmp

Filesize
628KB

Download