vidar | b6b9b931eabadb9330023b4d0d22ac9f91e6923bde12b070d5032c7ae9a394cc | Triage

Sharing

General

Target

1996-54-0x0000000000FF0000-0x000000000162D000-memory.dmp
Size

6.2MB
Sample

230325-yczvqagb8w
MD5

f4f06c4d3d1cebb39a28c9d65068effb
SHA1

02e9a036b5746df7841db7c4d0f21f67ddb0f8cf
SHA256

b6b9b931eabadb9330023b4d0d22ac9f91e6923bde12b070d5032c7ae9a394cc
SHA512

3a8eb13ec4ad1aa19a0f40d6fcf0877005e9182b73c4c9372d9f0c25a27b29a4a5cd70d05106983d114810a41ab1bc4a879a7005783bb80c54a00f9d44b9cad8
SSDEEP

98304:uyq8UUXLESXPw+WHMJCVMQIvCTjAMzqBA3pR8BG0ZuUwLTtDQCvoZfwfxy/b/:m81XfY88mCHpzqCCBG0bw1DfAKyj

Score

10^/10

vidar 20f95c4f85151b21c48a8766fbd2d32d vmprotect

Malware Config

Extracted

Family

vidar

Version

3.1

Botnet

20f95c4f85151b21c48a8766fbd2d32d

C2

https://steamcommunity.com/profiles/76561199472266392

https://t.me/tabootalks

http://135.181.26.183:80

Attributes

profile_id_v2
20f95c4f85151b21c48a8766fbd2d32d
user_agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 OPR/91.0.4516.79

Targets

- Target
  
  1996-54-0x0000000000FF0000-0x000000000162D000-memory.dmp
- Size
  
  6.2MB
- MD5
  
  f4f06c4d3d1cebb39a28c9d65068effb
- SHA1
  
  02e9a036b5746df7841db7c4d0f21f67ddb0f8cf
- SHA256
  
  b6b9b931eabadb9330023b4d0d22ac9f91e6923bde12b070d5032c7ae9a394cc
- SHA512
  
  3a8eb13ec4ad1aa19a0f40d6fcf0877005e9182b73c4c9372d9f0c25a27b29a4a5cd70d05106983d114810a41ab1bc4a879a7005783bb80c54a00f9d44b9cad8
- SSDEEP
  
  98304:uyq8UUXLESXPw+WHMJCVMQIvCTjAMzqBA3pR8BG0ZuUwLTtDQCvoZfwfxy/b/:m81XfY88mCHpzqCCBG0bw1DfAKyj
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

vmprotect20f95c4f85151b21c48a8766fbd2d32dvidar

behavioral1

behavioral2