Overview

overview

10

Static

static

10

1712-79-0x...ry.exe

windows7-x64

1712-79-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1712-79-0x0000000000F90000-0x0000000001A70000-memory.dmp

  • Size

    10.9MB

  • Sample

    230323-2qqqracf5x

  • MD5

    5cbeb9bd0cafec70d8e405e2fc8594c7

  • SHA1

    4486f0a9f2629f70b5a725d9a43bcadd07f6b0ca

  • SHA256

    a0de82f5c5e0ea8951b93b9cb1a96523f18c5d6ca831b24c2615c8c3cfae2aaa

  • SHA512

    4b62788358cb8db3091006e2fff530ab10fc8e33d04723b457e40f14d93cba47c075da1006d5744ec30cd5f480fcce51c73d85c25b18e5bb886cac0f4d70f0c1

  • SSDEEP

    196608:DAA/cU7/nuOtgzr6KvqHweDNI1HxioJwZigmIpCCK3+:DAA/7/Ptgv6HvNIX/JmbLp3c+

Score
10/10
vidar20f95c4f85151b21c48a8766fbd2d32dthemidavmprotect

Malware Config

Extracted

Family

vidar

Version

3.1

Botnet

20f95c4f85151b21c48a8766fbd2d32d

C2

https://steamcommunity.com/profiles/76561199472266392

https://t.me/tabootalks

http://135.181.26.183:80
Attributes
  • profile_id_v2

    20f95c4f85151b21c48a8766fbd2d32d

  • user_agent

    Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 OPR/91.0.4516.79

Targets

    • Target

      1712-79-0x0000000000F90000-0x0000000001A70000-memory.dmp

    • Size

      10.9MB

    • MD5

      5cbeb9bd0cafec70d8e405e2fc8594c7

    • SHA1

      4486f0a9f2629f70b5a725d9a43bcadd07f6b0ca

    • SHA256

      a0de82f5c5e0ea8951b93b9cb1a96523f18c5d6ca831b24c2615c8c3cfae2aaa

    • SHA512

      4b62788358cb8db3091006e2fff530ab10fc8e33d04723b457e40f14d93cba47c075da1006d5744ec30cd5f480fcce51c73d85c25b18e5bb886cac0f4d70f0c1

    • SSDEEP

      196608:DAA/cU7/nuOtgzr6KvqHweDNI1HxioJwZigmIpCCK3+:DAA/7/Ptgv6HvNIX/JmbLp3c+

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks