General
-
Target
896-60-0x0000000000400000-0x0000000000491000-memory.dmp
-
Size
580KB
-
MD5
74caf642aecc9a157ca9f57a00fedb91
-
SHA1
5a8b11ac618e1f3dde056425ff235496ae44b88d
-
SHA256
500c799200655db61ae8c728d92a3c5628b0677864478fb4bf318bcf30fa76db
-
SHA512
024450e81699db446610b385e3f697b4575671dd5efba7b91b1f505040d3ad34f3f11c64f8e7ed3c3908d77576b6a804144312227ab38e0cd6bcd9be68f7861a
-
SSDEEP
6144:Zippiu4FVaZSJLVo/pHtI4VOs7iQJjbOmlMB7GOzt1vhZUY6mCDdD7COh:Zippiu49ED4ifJnOml2771X6DDD
Score
10/10
Malware Config
Extracted
Family
vidar
Version
3.4
Botnet
77d3e17ac7e9634fc0dfc5623380697a
C2
https://steamcommunity.com/profiles/76561199494593681
https://t.me/auftriebs
Attributes
-
profile_id_v2
77d3e17ac7e9634fc0dfc5623380697a
-
user_agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0
Signatures
-
Vidar family
Files
-
896-60-0x0000000000400000-0x0000000000491000-memory.dmp
Headers
Sections