General

  • Target

    948-55-0x00000000001F0000-0x0000000000A8D000-memory.dmp

  • Size

    8.6MB

  • MD5

    ccf0582fc9ed0c555f57f474f78986c5

  • SHA1

    d1c725e5b96b7c997899606f3406e804a55a4908

  • SHA256

    07cccd1cb0c24f767822c840be1acb8d574237cb3db0da11bf553099768a8e7a

  • SHA512

    53872bbf35875c604636f3d4531f643fba41a0727050763724203c1ba928113927ab207b9bba5f344e29ec205ce1871a67e5be3b3075340daf4c130b7282d45d

  • SSDEEP

    196608:iZUZqfyktDvIkHM9604Cq7eh2gP9qAx4oPJzoeqF:QUZqKQvIbcBCpC25Z

Score
10/10

Malware Config

Extracted

  • Family

    vidar

  • Version

    54.7

  • Botnet

    1281

  • C2

    https://t.me/blablblsdfd

Attributes
  • profile_id

    1281

Signatures

  • Vidar family
  • VMProtect packed file (1 IoC)

    Detects executables packed with VMProtect commercial packer.

Files

  • 948-55-0x00000000001F0000-0x0000000000A8D000-memory.dmp
    .exe windows x86

