vidar | 1676-55-0x0000000000830000-0x000000000128A000-memory[.]dmp

General

Target

1676-55-0x0000000000830000-0x000000000128A000-memory.dmp
Size

648KB
MD5

a19ea399c14ffd2577bb04174b518600
SHA1

07783b0bc0bc9d53134b1328781e9845e8cdf4bb
SHA256

64efdcf66e63afdac3e6893a2b85ab5c2c64e11b6bea5797e1305ace36d0c001
SHA512

3b1aa811b780d358878183778b2239d95a4bd7a561c18e64eec493a2bdcede65bb635203b856bc9a44c9413395d46de7d7d587f2b84d4dc3c325008de474108c
SSDEEP

12288:5Ky45KFfLCKCUkuMYUFIqdAxvaj9Gw+g7Oiq+6PBKsrBh:5R4EFfuikbRFyhakVgih

Score

10^/10

1604 vidar

Malware Config

Extracted

Family

vidar

Version

54.6

Botnet

1604

C2

https://t.me/misteryworldismyhome

https://t.me/montgomerywavesgetlucky

Attributes

profile_id
1604

Signatures

Vidar family
vidar

Files

1676-55-0x0000000000830000-0x000000000128A000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ữựЏ
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ữựЏ
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

≜≝��
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

≜≝��
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

≜≝��
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 134KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: - Virtual size: 199KB

.rdata Size: - Virtual size: 51KB

.data Size: - Virtual size: 84KB

ữựЏ Size: - Virtual size: 1KB

ữựЏ Size: - Virtual size: 1KB

≜≝�� Size: - Virtual size: 3.5MB

≜≝�� Size: 1KB - Virtual size: 1KB

≜≝�� Size: 6.4MB - Virtual size: 6.4MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 134KB - Virtual size: 145KB

.text
Size: - Virtual size: 199KB

.rdata
Size: - Virtual size: 51KB

.data
Size: - Virtual size: 84KB

ữựЏ
Size: - Virtual size: 1KB

ữựЏ
Size: - Virtual size: 1KB

≜≝��
Size: - Virtual size: 3.5MB

≜≝��
Size: 1KB - Virtual size: 1KB

≜≝��
Size: 6.4MB - Virtual size: 6.4MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 134KB - Virtual size: 145KB