General

  • Target

    5064-305-0x0000000000E70000-0x000000000148C000-memory.dmp

  • Size

    6.1MB

  • MD5

    0c702a2bc10053f54506a6ccb552869b

  • SHA1

    5e60bb497c4e3a364bad47a5ecf245cea1035fcd

  • SHA256

    670db27cd7892ce1f79418108514144aa38f8f49ba0b8a372fc7cb1215173467

  • SHA512

    a98fe64df20224a62ca95f287eb6063b52d4c2a8cf2ab83b1c8e250ba75b518696c451d32a12fb748b72e9b43b3c402b9d0a9922e81a8b3d7f2c7b420aa7c987

  • SSDEEP

    98304:FsCj/5Br6h9dPam6C2aJnD9Y7KCg89dbvpbUKakhQJX5dJUs1s3ztrQfy6:ehXaC2aJD9SxjBQKakhYJN1

Score
10/10

Malware Config

Extracted

Family

vidar

Version

54.6

Botnet

1679

C2

https://t.me/huobiinside

https://mas.to/@kyriazhs1975

Attributes
  • profile_id

    1679

Signatures

  • Vidar family
  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

Files

  • 5064-305-0x0000000000E70000-0x000000000148C000-memory.dmp
    .exe windows x86


