Analysis
-
max time kernel
104s -
max time network
135s -
platform
windows10-2004_x64 -
resource
win10v2004-20250610-en -
resource tags
arch:x64arch:x86image:win10v2004-20250610-enlocale:en-usos:windows10-2004-x64system -
submitted
02/07/2025, 18:53
Static task
static1
Behavioral task
behavioral1
Sample
2025-07-02_e6da5b9585c712da81f9e1e0deea43c7_black-basta_vidar.exe
Resource
win10v2004-20250610-en
Behavioral task
behavioral2
Sample
2025-07-02_e6da5b9585c712da81f9e1e0deea43c7_black-basta_vidar.exe
Resource
win11-20250502-en
General
-
Target
2025-07-02_e6da5b9585c712da81f9e1e0deea43c7_black-basta_vidar.exe
-
Size
1.3MB
-
MD5
e6da5b9585c712da81f9e1e0deea43c7
-
SHA1
1a9af9635d8620d4147ed5fb11c4bb2725ad634c
-
SHA256
596fef4197fa1900b3de0094fa649da8ff19c78c1c382f2dc1bd8db550ce6ab3
-
SHA512
a1dfb1dc2d7f77d8f63b91ea9e9c0d2367b233fa47bf4f1c669c66f51d5a1f24fedcb56ce367a1e07328104f815be92479318e7c00dc9feeb0b6086ca9817798
-
SSDEEP
24576:dNiCgn1fZTlhtctmeP2kdKaZy4o8g4VEl9JL79v:dNcnRZphtcgePXKey4W4W/79v
Malware Config
Signatures
-
Drops file in System32 directory 1 IoCs
description ioc Process File opened for modification C:\Windows\System32\alg.exe 2025-07-02_e6da5b9585c712da81f9e1e0deea43c7_black-basta_vidar.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeTakeOwnershipPrivilege 5348 2025-07-02_e6da5b9585c712da81f9e1e0deea43c7_black-basta_vidar.exe