Overview

overview

10

Static

static

10

980-401-0x...ry.exe

windows7-x64

3

980-401-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    980-401-0x0000000000400000-0x000000000046C000-memory.dmp

  • Size

    432KB

  • MD5

    954e7652b188a26d03d643e4ba4cce24

  • SHA1

    562205da1f61776ed2e1a6267d7b75277c5d7d37

  • SHA256

    bfd9b28e35c0aabdf870bacb94b15a1bb4769eb4a17d205e3c4e859b65a8ed5e

  • SHA512

    6f5c16afd90040f72b7d095712da8117723e58ffa9cfea2868a157ba4bef449c09d8e42a81c7f9b7d3371655aa8e4a04be903e0e387b8f26b94dc515966637a1

  • SSDEEP

    6144:z66+X5aG78XAIn2RN2iy3g8UpioUb65qJfbri5bMuCV4acSqdBFJVkShVH:z6HX5aG782ook65G/id5CV5cvZVk

Score
10/10
bf58e1879f88b222ba2391682babf9d8vidar

Malware Config

Extracted

Family

vidar

Version

3.5

Botnet

bf58e1879f88b222ba2391682babf9d8

C2

https://steamcommunity.com/profiles/76561199497218285

https://t.me/tg_duckworld
Attributes
  • profile_id_v2

    bf58e1879f88b222ba2391682babf9d8

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7

Signatures

Files

  • 980-401-0x0000000000400000-0x000000000046C000-memory.dmp
    .exe windows x86


    Headers

    Sections