vidar | 2025-02-04_a872cb1d6030f54f8cf4b9b21c319e0f_mafia | Triage

Sharing

General

Target

2025-02-04_a872cb1d6030f54f8cf4b9b21c319e0f_mafia
Size

676KB
MD5

a872cb1d6030f54f8cf4b9b21c319e0f
SHA1

058958c9eca371038099b49f5b891c6ea594bf01
SHA256

4e9f5923c64702ad48988b2ff34ba3f18258807e1f4d0373be434008a3a8f68b
SHA512

370394d6816f38953b57bbe69fafd58cac5d72e8b1a01659a3ee0c30dccdd07766184412a5c53dc0a09b0debcce68dd5a73f1ebbc91492a1a43efffc231fd5c8
SSDEEP

12288:lusos0AcUj83OoEeg1T9U5UA0kMGTUDM31bHRPK8:lX5BcUj839Eeg1T9U5UA0kMGTUU1VK

Score

10^/10

vidar

Malware Config

Signatures

Vidar family
vidar

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-02-04_a872cb1d6030f54f8cf4b9b21c319e0f_mafia

Files

2025-02-04_a872cb1d6030f54f8cf4b9b21c319e0f_mafia
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 281KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 221KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ