vidar | defc72cb7e776b7eea3d9a43e2320ce29281116deeb0a094966ca2631f7e9b10

Analysis

max time kernel
142s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/01/2024, 03:33

Target

764706a409053e9622689167f2e930c0.exe
Size

662KB
MD5

764706a409053e9622689167f2e930c0
SHA1

7a06d2658f62b2332d98642018a48e00f40fe2a3
SHA256

defc72cb7e776b7eea3d9a43e2320ce29281116deeb0a094966ca2631f7e9b10
SHA512

8971449e7e7ab5c56ebe5d010251bf59091e26b2f6f5f3dc0058fa7d37eeeb75f715ab09b6b2b3ee5b686820c57d129572ffda51b5b70ceba834793bd047655b
SSDEEP

12288:/JBsUnDOBk6EM1u+pvdN2MgF5MTt30GrCMRxelMYdqp4iv:/MUSBktML2rFwthr/El/q

Score

10^/10

vidar 860 stealer

Family

vidar

Version

39.7

Botnet

860

https://shpak125.tumblr.com/

Attributes

Vidar Stealer 4 IoCs

stealer

resource	yara_rule
behavioral2/memory/1932-2-0x0000000002270000-0x000000000230D000-memory.dmp	family_vidar
behavioral2/memory/1932-3-0x0000000000400000-0x00000000004C0000-memory.dmp	family_vidar
behavioral2/memory/1932-13-0x0000000000400000-0x00000000004C0000-memory.dmp	family_vidar
behavioral2/memory/1932-16-0x0000000002270000-0x000000000230D000-memory.dmp	family_vidar

C:\Users\Admin\AppData\Local\Temp\764706a409053e9622689167f2e930c0.exe
"C:\Users\Admin\AppData\Local\Temp\764706a409053e9622689167f2e930c0.exe"
1⤵
PID:1932

memory/1932-1-0x0000000000510000-0x0000000000610000-memory.dmp

Filesize
1024KB

Download
memory/1932-2-0x0000000002270000-0x000000000230D000-memory.dmp

Filesize
628KB

Download
memory/1932-3-0x0000000000400000-0x00000000004C0000-memory.dmp

Filesize
768KB

Download
memory/1932-13-0x0000000000400000-0x00000000004C0000-memory.dmp

Filesize
768KB

Download
memory/1932-15-0x0000000000510000-0x0000000000610000-memory.dmp

Filesize
1024KB

Download
memory/1932-16-0x0000000002270000-0x000000000230D000-memory.dmp

Filesize
628KB

Download