vidar | 2025-01-28_3090d4cd8c2bbbac1c4d004ee5c91f09_mafia | Triage

Sharing

General

Target

2025-01-28_3090d4cd8c2bbbac1c4d004ee5c91f09_mafia
Size

612KB
MD5

3090d4cd8c2bbbac1c4d004ee5c91f09
SHA1

3957e5eec6eb5afc717eb16216d9706b6bddc3e7
SHA256

40e7ae6290907d6a1f4cfd6d24bb6fb09520f686aa7fbb5e00cd375621c0cf9d
SHA512

f21564202f3f8d6542e6e2c0c4f3691c8417bb12623c7dcea1912e36d5291fbe1bafe2498980d6763e5bb1732a1ae9a9616289873b3c63cfcb58baae0813da28
SSDEEP

12288:+jZgyAmk8uBGYg1i5+vaJJq0aRRiRRRwRRRRRRRARURRFRRRRdRRRRRRJRRRRRRV:momGB195emGRRiRRRwRRRRRRRARURRFy

Score

10^/10

vidar

Malware Config

Signatures

Vidar family
vidar

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-01-28_3090d4cd8c2bbbac1c4d004ee5c91f09_mafia

Files

2025-01-28_3090d4cd8c2bbbac1c4d004ee5c91f09_mafia
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ