vidar | 948-56-0x0000000000400000-0x000000000062D000-memory[.]dmp

General

Target

948-56-0x0000000000400000-0x000000000062D000-memory.dmp
Size

2.2MB
MD5

8200a4f4ecfd009bfed0b3210af6b5ad
SHA1

cbe4a54f2e0ff5fbba441491f6822d5976b1a886
SHA256

1118eae20d2fc5fb7bdcdf4875e070109369b95374ba79dc9aaa81227ec9cab3
SHA512

ab6c2eef0b9c6261d2dbb004909a5168565c9b1514563ff069cb52eebacfb378ba40b953572138b54d7b6d4e1516912598dd57f8e11fdb6dadaf6f9f860b0ea2
SSDEEP

49152:ZM3ljMqoWdVWwxcOM7ldz3lhfmr5H2WiJ4:Z2dDfAD2O

Score

10^/10

1587 vidar

Malware Config

Extracted

Family

vidar

Version

54.7

Botnet

1587

C2

https://t.me/trampapanam

https://nerdculture.de/@yoxhyp

Attributes

profile_id
1587

Signatures

Vidar family
vidar

Files

948-56-0x0000000000400000-0x000000000062D000-memory.dmp
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 29KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 56B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.itext Size: 7KB - Virtual size: 6KB

.data Size: 34KB - Virtual size: 34KB

.bss Size: - Virtual size: 29KB

.idata Size: 17KB - Virtual size: 17KB

.tls Size: - Virtual size: 56B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 129KB - Virtual size: 129KB

.rsrc Size: 1024B - Virtual size: 648B

.text
Size: 1.9MB - Virtual size: 1.9MB

.itext
Size: 7KB - Virtual size: 6KB

.data
Size: 34KB - Virtual size: 34KB

.bss
Size: - Virtual size: 29KB

.idata
Size: 17KB - Virtual size: 17KB

.tls
Size: - Virtual size: 56B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 129KB - Virtual size: 129KB

.rsrc
Size: 1024B - Virtual size: 648B