vidar

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_e4044eaad7f8543c3624277e9c5c708d1b55c5e2702336c2a7eb30fb55b08855
Size

687.8MB
Sample

241224-3xlk2s1nfr
MD5

b72a9a8f65bdccf44a40237c1db0b7be
SHA1

49793c600e60379bf9c47ac660c89211c8316688
SHA256

e4044eaad7f8543c3624277e9c5c708d1b55c5e2702336c2a7eb30fb55b08855
SHA512

660cd4be821c98ebf478a17e71a7f283453697533ecbbe3a58b0426caaa15b0af3ba9868dc85de6327287210f85a7a23f874ea268ff7fd5cfaeacb1ebe1aa645
SSDEEP

12582912:5yQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQh:5ynnnnnnnnnnnnnnnnnnnnnnnnnnnnnO

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

4.3

Botnet

7b7fdb9f9b9361515285b7dadea32e20

https://steamcommunity.com/profiles/76561199514261168

https://t.me/kamaprimo

Attributes

profile_id_v2
7b7fdb9f9b9361515285b7dadea32e20
user_agent
Mozilla/5.0 (Linux; U; Tizen 2.0; en-us) AppleWebKit/537.1 (KHTML, like Gecko) Mobile TizenBrowser/2.0

Targets

- Target
  
  sample/LauncherPC.exe
- Size
  
  685.8MB
- MD5
  
  ad9ab51868198afea45777db31bfedcf
- SHA1
  
  064329b8a9a734ec55168dee9153f52a71854f40
- SHA256
  
  ae00141c1137ac2f9e3d33500c32540db10c5426c7f9cf7627b219abe4b05a12
- SHA512
  
  e7bab5c057478dbcadb3901a5321fcf80e4dcd2917ed7231d5eee5100fc73663b2273bf510120282e8218f0dc49ededeb7a9dd492edf2e4fab2418e81770dc8b
- SSDEEP
  
  12582912:/yQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQQ:/ynnnnnnnnnnnnnnnnnnnnnnnnnnnnnp
Score

10^/10

vidar 7b7fdb9f9b9361515285b7dadea32e20 discovery stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- Vidar family
  vidar
behavioral1 behavioral2
- Target
  
  sample/bin/api-ms-win-core-console-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  1ef2febe64a22d3fc743652ce34d4c10
- SHA1
  
  75e836c2536a4130cb4e982e935898b6acea7e1d
- SHA256
  
  2bfec3e54115359a56b3cd7ada60ac172ab43f56c8c5e8b88245f64ce631137d
- SHA512
  
  cb77d96b1175b7a3a967685587e8c877a479668b8d8953083c33b0a886e62767412f97acaf8ec447920bb9387ed88931b5cfada730d475ffef11da32068a8f07
- SSDEEP
  
  192:FaW1hWrrUSwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6gSyekD/oB:kW1hWrrU8JIYiaHZ8ZpHzGovSyekDgB
Score

1^/10
behavioral3
- Target
  
  sample/bin/api-ms-win-core-datetime-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  8a5bcae4a3ea52e61dced9f54da3746e
- SHA1
  
  021c3db7739694940c1d5aef554e13f9383c2ba2
- SHA256
  
  b8a4371fafd2dcb76c24855a1fca311fb98cf270e539b4fd3091a6738ef71622
- SHA512
  
  69aa71183fa8dda2432502e9f9bb6fea22cae374da919622d233a83600786106fa47ee5441a6d6451e8f6d448dbcd2ee108623628fc454fd962fbfab524734c2
- SSDEEP
  
  192:1UW1hWVUSwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6gLyyWjtDPxUR:WW1hWVU8JIYiaHZ8ZpHzGovLyyqtDPx8
Score

1^/10
behavioral4
- Target
  
  sample/bin/api-ms-win-core-debug-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  bad51d0bcbe4b83f44dea9882daa72a9
- SHA1
  
  41eaf283255bf6079a10f53081bf794e33bc4479
- SHA256
  
  37a4972c68465a9b1a8820bcf358ab31ad8e518e19e1bc0835996dd9223b23fa
- SHA512
  
  cd6c50592a4041e98fe9791506c25d45f2edd027ba2daf1421c764cd6362df0a9a968347747820b1488f2b3c7169cdb9b027fc63d3086f5b02a703c2f8f95b85
- SSDEEP
  
  192:nW1hWVUSwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6g9y+ttIqL3:nW1hWVU8JIYiaHZ8ZpHzGov9y+8qz
Score

1^/10
behavioral5
- Target
  
  sample/bin/api-ms-win-core-errorhandling-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  8b191a93051dda5664e644948aa51797
- SHA1
  
  3d3fd3f63610655293c133c0fbdde3dbf262d308
- SHA256
  
  ebdd6dc490edf3676a57548044709455ae90166e58601f196e9b23e6d7b9b4ee
- SHA512
  
  0aca85d416560d9547013ba0310f24a13f74b306d632a2bc7d2649c6e8b6d119e34bebe4271c684674b22e494b1caf6a3094e6e205c99879a724e490e21d88a9
- SSDEEP
  
  384:OBLW1hWQU8JIYiaHZ8ZpHzGovPOxyDzNm:OBOeYiQZiRPYgQ
Score

1^/10
behavioral6
- Target
  
  sample/bin/api-ms-win-core-file-l1-1-0.dll
- Size
  
  16KB
- MD5
  
  4f4ad57efb22bea723e162542bf8e43c
- SHA1
  
  4223cc1c429ff9a18468a91798af3f2575424a4a
- SHA256
  
  99ff47c7e846f7759fadf5bced9bcdba275b9c8e206bf8e453c3473ef29cf1f3
- SHA512
  
  3ea405798400a96fa1d1cca1ae8a55c4ba53713320133078081f3a55cccd5509954bc1620dbf2961c9a9247850b88d567f1b6bbe2f484814f68bb895a75f5c16
- SSDEEP
  
  384:pBPvVXcW1hWUU8JIYiaHZ8ZpHzGovOyyXN:3PvVX/OYiQZiRPOhd
Score

1^/10
behavioral7
- Target
  
  sample/bin/api-ms-win-core-file-l1-2-0.dll
- Size
  
  13KB
- MD5
  
  b4e78652f6aa8f89062dbd0e7bee1ded
- SHA1
  
  caf3d012d3b1cf09c47ef0dc55f075d931798d5e
- SHA256
  
  d79f192963618f86d2a0e768bdab8e8c4b92e0db1fff971102a5fee4f57ac6b0
- SHA512
  
  8e5b703c7b13c8f01e46a8b7a3854e578c8f4eb3b93192ac711b6a91b7aee7a1e2adeb6342fbf8a7b1604118e290c7ae53e171109cc8ee5888d66be5e004e0b5
- SSDEEP
  
  192:0XW1hWsUSwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6gJyiH4sw9j9wFq:YW1hWsU8JIYiaHZ8ZpHzGovJyH9j+0
Score

1^/10
behavioral8
- Target
  
  sample/bin/api-ms-win-core-file-l2-1-0.dll
- Size
  
  13KB
- MD5
  
  c22fa18dd5cf90246805b9d28340cb18
- SHA1
  
  6739e1717549232b16dbc3697f83cac090b6a947
- SHA256
  
  79c233c7d14921e62cf3e6871b3333b200186f4e87dd6b18af2d52d99f0c41e8
- SHA512
  
  daa3f3d054f7bff729a2d528f396d5ae28428b0d89fb6db03620fee90e5d5a1ff591128dde4345c4224b40c0d49fa4c728d3ec000b71f9b8b11ffed5e88dea91
- SSDEEP
  
  384:dVrW1hWCU8JIYiaHZ8ZpHzGovRyVYEcHg:dVuMYiQZiRPRUY/Hg
Score

1^/10
behavioral9
- Target
  
  sample/bin/api-ms-win-core-handle-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  2b8a68165ea83830af5b198f9687a38e
- SHA1
  
  581b8bf3148a1b282317b82bc0353ef7a614a740
- SHA256
  
  b3e8dae1cf5f214331c98fe77a136c4c7039476014de885d967a82348d7b384d
- SHA512
  
  3f8e3f33a5ffd684383f90281244532f8b1748ccbacdb5598c59ce0b5519ed47273cce111e3e452e92ded9f6eb3e719ef1d99c62eb63817f05fa16d570cafbf3
- SSDEEP
  
  192:hW1hWGLUSwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6gSyIzP:hW1hWGLU8JIYiaHZ8ZpHzGovSyIz
Score

1^/10
behavioral10
- Target
  
  sample/bin/api-ms-win-core-heap-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  994e1c72c7e65f5b26a51b4327d8557d
- SHA1
  
  bf180a8f8d33ee4b6dec303895713a9e48ab7d46
- SHA256
  
  f04e7451c5ecfcf24c2adaf5360e12e67434bf555fb494b5b1149129a10e1c49
- SHA512
  
  6f674d64e490135cd47ad62dc37308d41f09c721c495a0fd4c412c71554cbc8ccf5f563da2c7e45b125da5264047cfdcbde200a1490414f40d9d4c319ce7b55f
- SSDEEP
  
  192:wZlgW1hWcjUSwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6gaytaW9sUbmB:mlgW1hWsU8JIYiaHZ8ZpHzGovaylscg
Score

1^/10
behavioral11
- Target
  
  sample/bin/api-ms-win-core-interlocked-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  2f58dfade485c9d9ad532ffd9c808d70
- SHA1
  
  811012773228983c20ff2a177e65f0524b47fbc3
- SHA256
  
  9e736e7e8bcaa032be85d8e34ff7b1842482dd8a0cd71733cb6f0b0da3998c88
- SHA512
  
  e996e200afa1a552cf94c4a0139cfd50ddde750a8da805457666d693e75680bc0818cae0d1ed166bd182867ce7bba6b431e003b0c3f4f2b18881d13b9b6d0877
- SSDEEP
  
  192:uW1hWPUSwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6gFyOLsifTi:uW1hWPU8JIYiaHZ8ZpHzGovFyOsifu
Score

1^/10
behavioral12
- Target
  
  sample/bin/api-ms-win-core-libraryloader-l1-1-0.dll
- Size
  
  14KB
- MD5
  
  8b09ef33c0d59573eb1d20a6a69252fc
- SHA1
  
  4a7249d1788d4cbbd3780e1770b6e79cf981da2f
- SHA256
  
  158abc85ac5cb95bc236b2fd694cd6bfdfd929a74f94053c500ba3f5d453b398
- SHA512
  
  74dc4ab5c29421f6497b55f4286ba382ccb160b95a23bfa9a377abb4efba9e01192f660b3600800bf8bff692c36db6f2ea06cdbf7e2ac35b2242d814f459b026
- SSDEEP
  
  384:BvuBL3BYW1hWFU8JIYiaHZ8ZpHzGovCyxgCGK+YP7:4BL3BTpYiQZiRPC6gGF7
Score

1^/10
behavioral13
- Target
  
  sample/bin/api-ms-win-core-localization-l1-2-0.dll
- Size
  
  15KB
- MD5
  
  5f7c66b604b6a32211061e8bd0af510a
- SHA1
  
  ae3332cd84507bf1692ed48cf43db92c66bbdb53
- SHA256
  
  e3c79834522f032216b391b2db002a2031257636bb330e50b493aafc08d5cc94
- SHA512
  
  594026a726d4cd71a98c1888025dacac9531285d2d999ae1b5fa021f03e9f67fcb322b7e2ad75e0fa5c5de2b3ef047310ec719156be39d5de2c64036b6894be0
- SSDEEP
  
  384:IOMw3zdp3bwjGjue9/0jCRrndb6kW1hWbU8JIYiaHZ8ZpHzGov4yyUX0:IOMwBprwjGjue9/0jCRrndb0rYiQZiRi
Score

1^/10
behavioral14
- Target
  
  sample/bin/api-ms-win-core-memory-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  50d5f48b3fe6b12775b9932a9f0fff7b
- SHA1
  
  7b18d7a65d2e36238fd83e54aa1dc1ec70ff20f8
- SHA256
  
  6cd148e8cadd1abbfa22b3e351772968c9df67c16d4230a793514643f34606d0
- SHA512
  
  5b0abcc5cd77e2011b6b2a7f07dc482e10bb439cda87eaa81977875659d819663cf3a2e86354d637e08c2c7b8afbafe0bec0e5839dd2fd285d5c7bd8788f4d74
- SSDEEP
  
  192:w8W1hWcUSwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6gytyrHuYkK:w8W1hWcU8JIYiaHZ8ZpHzGov2yqY9
Score

1^/10
behavioral15
- Target
  
  sample/bin/api-ms-win-core-namedpipe-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  d3249127863af2a0e9b09fc614ac6e3c
- SHA1
  
  1c52e657e8e69764c012b57df169f09fdd2fb0e5
- SHA256
  
  de708b4330eb30af059901e5ba49d7bb346371d8735cd20dd2e3f9bc263849bc
- SHA512
  
  dbc6ff75291a63f01ab6c212d9fcf4bddce88c554b2d972b095e87179aa9e5103e26da2a5c2a6c40cfe14f2b1a4603fc2d98234077d9957136a2c08597aa0341
- SSDEEP
  
  192:pKW1hWoOUSwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6gfy5hPfVS0:gW1hWoOU8JIYiaHZ8ZpHzGovfyvdS0
Score

1^/10
behavioral16
- Target
  
  sample/bin/api-ms-win-core-processenvironment-l1-1-0.dll
- Size
  
  14KB
- MD5
  
  0f46fc5a6826842b69187f5c99c896f9
- SHA1
  
  4b54dac54aab1805ef07e77dc13aff5721ffad5b
- SHA256
  
  5dbbe150e47866d1df1d4a700cd0abe801f67299ac70a083b2afa80b459b196d
- SHA512
  
  4febcd9ed0cdc836f177b591b1e752d3af66e94402b5a575666634db0f25144db4df0543823b6f4ed5b2d39e3bfe6eea5d0b141a531cd42927260e01a6999be3
- SSDEEP
  
  192:MnW1hWTUSwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6g7yyps:MnW1hWTU8JIYiaHZ8ZpHzGov7yy6
Score

1^/10
behavioral17
- Target
  
  sample/bin/api-ms-win-core-processthreads-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  fbc0ff6c3fc85259450094b71481499f
- SHA1
  
  bda109eea1215c6dc43d9ffef49b06b661157d3a
- SHA256
  
  04f58d750b336463b959b73d3cf5099c3edf458f60669661fbf4e8652060d5e8
- SHA512
  
  754e0ddc570627b0af16a4aef7c1e18c848dea0e13e62d81825842a435871955f7b7c2d44101bbb2436ee90cd16601ef9600e294bbc7a5e8958f8cac3ef39f21
- SSDEEP
  
  384:2WXk1JzNcKSIXW1hWNU8JIYiaHZ8ZpHzGovaymxtdo:2bcKSbxYiQZiRParxt2
Score

1^/10
behavioral18
- Target
  
  sample/bin/api-ms-win-core-processthreads-l1-1-1.dll
- Size
  
  13KB
- MD5
  
  1e63cfd1f17af722bcb71e9e21e5234c
- SHA1
  
  a48988087242b2694fd2b72d539d25751b4e08eb
- SHA256
  
  22b3edc6413a32c93dad8f643ff1c48dab0822e89370090dd23efad8f24eb869
- SHA512
  
  d66df5f2fdd51b0305cee7859ca704bfd4e32f9be4c20c3896c5ade3d7257936eda8695ea465c1dc2add9f158d0c070397986313ada7a1e18378dce9ad28448a
- SSDEEP
  
  384:wtgDfIeFrW1hWgU8JIYiaHZ8ZpHzGovIyk+/B:wpeFuGYiQZiRPI1E
Score

1^/10
behavioral19
- Target
  
  sample/bin/api-ms-win-core-profile-l1-1-0.dll
- Size
  
  12KB
- MD5
  
  ac289d19647a7232623aec9fc86b4c16
- SHA1
  
  28f3c62d2640a71b9a4876d7fd5916b53f717dce
- SHA256
  
  3ec53d2a45f1cba5a11be3f7f80a8b219533e57f28e53c0cc3f3bd82a20727e1
- SHA512
  
  268c5828f0baee78b4ad62e2c71ad39a8abc93bb6705f4f8094000a77a344e28791e4f1ca742079bb24300bb98092f2fe37d5c629eeb6c13626f70022fcc7954
- SSDEEP
  
  384:A5yW1hWKU8JIYiaHZ8ZpHzGov6yM4QlEz:WwYiQZiRP6y
Score

1^/10
behavioral20
- Target
  
  sample/bin/api-ms-win-core-rtlsupport-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  2f3a9ebf615987c41a51e445928b28dc
- SHA1
  
  fd19cca9ced29b71327cb382428bbb44452e6c46
- SHA256
  
  185e690ffa8cacc3a6db9b54ff3f71b0b9118b93af420a9fb5b8718d325ef17b
- SHA512
  
  efc798c05871b3eeadd1cb62392ac5b9af29661cd330990f386cad275c69be85ad2067e17b7479032bb71077f1f93a28de01c05e2fbbb880bc3c160d82141fde
- SSDEEP
  
  384:YGeVWW1hWhU8JIYiaHZ8ZpHzGovfy8aDYt:YGeVtdYiQZiRPfv62
Score

1^/10
behavioral21
- Target
  
  sample/bin/api-ms-win-core-string-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  135b5aff9d848b1e36361934be3bba04
- SHA1
  
  e32b9efb02ad007de7391edf7cf942d30d59af91
- SHA256
  
  549c5f66b0337fdfe27ed74ff54ba148cce101b943360eec2da383dda72306d0
- SHA512
  
  78b8089eb68b835fcbf4745d88fb678f36edf8b45a236d609f07d2014805ad1af27cc9ae11fb19e65118ed9fd807be32b1e3d780ecd9dab788df269f5cf50736
- SSDEEP
  
  384:4yMvxW1hWRU8JIYiaHZ8ZpHzGovUyIxhtT:4yMvgRYiQZiRPUZT
Score

1^/10
behavioral22
- Target
  
  sample/bin/api-ms-win-core-synch-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  c96a688698519c38544148e4d13d94d8
- SHA1
  
  9ad7061a0dee11418e1a64c2e44de38708615aee
- SHA256
  
  2c458b248ded90546bf5009cfe7eb55e8bc7ae7032ca5ab429522a1b75cb6b31
- SHA512
  
  421eba3be005aa16b8f1c6cfc7d20aa59f67054f06e58457ad0255a196fe09d6ff592ccfec4b60263c8fe354dde51c3a1bb1e9edb7b6eafb1f84ca4ec8871a33
- SSDEEP
  
  384:ddv3V0dfpkXc0vVaRW1hWaU8JIYiaHZ8ZpHzGov8yNMJraXx:ddv3VqpkXc0vVaA0YiQZiRP8Czx
Score

1^/10
behavioral23
- Target
  
  sample/bin/api-ms-win-core-synch-l1-2-0.dll
- Size
  
  13KB
- MD5
  
  8fff743f4c30572473fe842398be4474
- SHA1
  
  72cc155722c85795c539de47e13ef6b3d32b1d95
- SHA256
  
  a4dbf0e38e5dd8f06727af0bee67623bda9c2c5cf8f45cf1be6178cd6554882c
- SHA512
  
  03d83f8264871343ed4b090e33e0190942116b07ce69355e8181a1d0f3f8797393ccf74ac84a290ed99ce8a12e166f4a285214de85bd28f21a4c3799965265e2
- SSDEEP
  
  384:+tZ3mW1hW1U8JIYiaHZ8ZpHzGovxyga//q:2ZYiQZiRPxIq
Score

1^/10
behavioral24
- Target
  
  sample/bin/api-ms-win-core-sysinfo-l1-1-0.dll
- Size
  
  14KB
- MD5
  
  87b68a6ba3a1a4ef43a27040d834d3f1
- SHA1
  
  f9bd9f36fb218e9a9d62cefddcd01cae34502c05
- SHA256
  
  3479a1d4932c3afed9b6b77a3e88f27ce38a49f66172e607f316d1bc4ce7a360
- SHA512
  
  51b78370ffc52c109574739060f220fcece5b4fea0d5447a8d3b42c7374d7b15470db5838d0eb7dbc8b77219e8698b0a593b7933acd3d83b8bc309870882faae
- SSDEEP
  
  384:lZXW1hWNU8JIYiaHZ8ZpHzGovJyz0Thvy:lZi5YiQZiRPJs0Y
Score

1^/10
behavioral25
- Target
  
  sample/bin/api-ms-win-core-timezone-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  ae3f200e55d7f5a61854443e0e8995b9
- SHA1
  
  08626c2f5116bc16880ac3a8cd5d2e84ce740111
- SHA256
  
  847888f015da853dded5e9e4f8146dac1c78dc88cffcd23a4eeddb3a1b491638
- SHA512
  
  38e701b3a2fd545b2accf0c28a720f7cd72055c9c5649fb7494f4a12a39a54727cc2fc9dee0a1155e47c48ea21e73f86e703b2dfff1f532ca89903237f289a42
- SSDEEP
  
  192:BW1hWiUSwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6gNiy90uJkw:BW1hWiU8JIYiaHZ8ZpHzGovgy/kw
Score

1^/10
behavioral26
- Target
  
  sample/bin/api-ms-win-core-util-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  a5c7477d611ff768662e059241280cf9
- SHA1
  
  eb6d39ff1c5a93b004b2e7df483cc67881102f7f
- SHA256
  
  b32f97d2cc81a4c4777b3e03292acab7255bbb30cde02ce4c736da8b4acb280b
- SHA512
  
  5c5429713c802202b5d2600c61a709be2808bc8c9ab919906e72e55bb22e702be3cee280fe89f71039e25cee986b03597504acabab42bc29bbb7c5a6670d0f12
- SSDEEP
  
  384:PVGW1hW8U8JIYiaHZ8ZpHzGov7ywQzlvW:3GYiQZiRP7og
Score

1^/10
behavioral27
- Target
  
  sample/bin/api-ms-win-crt-conio-l1-1-0.dll
- Size
  
  14KB
- MD5
  
  c6eff5b7a31808b1be936045f48d8e0b
- SHA1
  
  956ea6c821d560e03673770031890475600c7dee
- SHA256
  
  8c20a573a84c2eccaee9889abda373a1db031b9dae8b7f9b28518548aca9fda6
- SHA512
  
  debe73025248d0a025855754c0f8ed34e9ea413dd94419003676e364cc0505b6d4a16de701dfa5f0b1e6b81d34bd8cdab62f795376b2aa7ffeaa1fed026ccd7c
- SSDEEP
  
  192:41W1hW2USwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6gLB0yvQX2UWY:41W1hW2U8JIYiaHZ8ZpHzGovLuyvU26
Score

1^/10
behavioral28
- Target
  
  sample/bin/api-ms-win-crt-convert-l1-1-0.dll
- Size
  
  17KB
- MD5
  
  a3447ae32a4d0c71ac94b6c6bac2bd55
- SHA1
  
  06ba3a178167299934a250f7f74e7d357d25331d
- SHA256
  
  0c635ed0abf37d43602ace072a87fea6519231eaefa8e9a24f067a7dfc5dea6b
- SHA512
  
  9647d9c4eb1ec65b625b127d141165bad0ad3afd6a91d200b7fc5ac1967aadc110d69b10147e13f75e5f6859c99d05afcd9ced9b0c4a12c51c32522ea18b4548
- SSDEEP
  
  192:+pdkKBcyhW1hWKUSwv7s8jtGBIYiYF8oDbnPZ2oEhZnpHzGoj6geynDBl:CuyhW1hWKU8JIYiaHZ8ZpHzGoveynDBl
Score

1^/10
behavioral29
- Target
  
  sample/bin/api-ms-win-crt-environment-l1-1-0.dll
- Size
  
  13KB
- MD5
  
  a58a65f02d72afade693028e4807a5db
- SHA1
  
  26160b95cfc956916c52e07dc02199e71ccd54f2
- SHA256
  
  d424ca63b4056f5b9b2af24ac3f0ba879593066a6610488929f8537821956e2c
- SHA512
  
  9939e1cc1de75bc480d6b3e4880b97d269ff98eb7a33f823dfc04b8adecb7b307d8372265f81dced62427efed06116d1ee48eee6c85a152466a21ef4cffdfb43
- SSDEEP
  
  384:VfW1hWuU8JIYiaHZ8ZpHzGov+yYVm+2uv:VqQYiQZiRP+NEuv
Score

1^/10
behavioral30
- Target
  
  sample/bin/api-ms-win-crt-filesystem-l1-1-0.dll
- Size
  
  15KB
- MD5
  
  941389e57dac26901a7976fc2639a0d0
- SHA1
  
  d8f9e87982dfffd866f9f31fdb8d61b8eeed2659
- SHA256
  
  6b0dd2d15eae4da98f7520c2f0404d0d18f0841637a496d245d43e4f6e806e76
- SHA512
  
  2894a084fa4b3f52e036ab5f4ac377b2baa7b2a2a87638b0ce225867e4feb695d171a8ac7d1672a5db997f369813ab457ea3cf7294c6b0852e6955a4dcb0fd00
- SSDEEP
  
  384:kq6nWm5CZW1hWeU8JIYiaHZ8ZpHzGov8yJOVX:Z6nWm5CIkYiQZiRP8zX
Score

1^/10
behavioral31
- Target
  
  sample/bin/api-ms-win-crt-heap-l1-1-0.dll
- Size
  
  14KB
- MD5
  
  1ecf009c6ef3d4d13f8fe51700272657
- SHA1
  
  54c339b245877cb9cf212280d925f9479e3fc6d9
- SHA256
  
  f54521c4cfb3126852efe9c561c19a23937f4d7b52f2dcfd6952437ede46276c
- SHA512
  
  badfae93ceb6a745c9079006185595f458ff8c33f9e3227732d929b068d585761ed1bdbaaec0622b8d2998e3c3f6540edadb582a840663210aee15c1f0c5467c
- SSDEEP
  
  384:tY3eBW1hWRU8JIYiaHZ8ZpHzGovbyAZ3+LZw:RQFYiQZiRPbXZ3aZw
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Vidar family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32