vidar | 94f891bb7b40ef187cca41afa96996c9[.]bin | Triage

Sharing

General

Target

94f891bb7b40ef187cca41afa96996c9.bin
Size

432KB
MD5

94f891bb7b40ef187cca41afa96996c9
SHA1

b865f4bc17e5c85d4e3c3241d7b7144958efdb07
SHA256

251cca8dfa478cb3727eaf11127adef87418fd2b3168f96f2c72837329615939
SHA512

058b5ca13dc3371d508489003b4dd142b8d38eb17b425dd4e4869db0a510144d12d6b9a9eeacafc54d687774e8d00cb0c71122137868e41d57df15522b4a7095
SSDEEP

6144:9DZmBlZLL/HiTe77ZVBIG31bIzSp6TamF4akehqzjPhwAVO:9DZmBDHL2G39wSpCamFLqzjWiO

Score

10^/10

vidar

Malware Config

Signatures

Vidar family
vidar

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94f891bb7b40ef187cca41afa96996c9.bin

Files

94f891bb7b40ef187cca41afa96996c9.bin
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ