General
-
Target
644-412-0x0000000000400000-0x000000000046C000-memory.dmp
-
Size
432KB
-
MD5
a7df8d4020a0d48056b46735e686b4f4
-
SHA1
727dd3077356e7b0da73061dad84107a2c29da4e
-
SHA256
2622fb894a797b60dd2e45ad395207b7390dbdb38b69e4e1e9837695aec41f4e
-
SHA512
3bb2464f43a038eaca4089d45fde12d214263a643386bfc1311960714b97670b5f723c08d6b0f6e7a82ff4110ce35b20926691a393dc1f20aa455d0bec403934
-
SSDEEP
6144:z66+X5aG78XAIn2RN2iy3g8UpioUb65qJfbri5bMuCV4alSqdBFJVkShVH:z6HX5aG782ook65G/id5CV5lvZVk
Score
10/10
Malware Config
Extracted
Family
vidar
Version
3.5
Botnet
bf58e1879f88b222ba2391682babf9d8
C2
https://steamcommunity.com/profiles/76561199497218285
https://t.me/tg_duckworld
Attributes
-
profile_id_v2
bf58e1879f88b222ba2391682babf9d8
-
user_agent
Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7
Signatures
-
Vidar family
Files
-
644-412-0x0000000000400000-0x000000000046C000-memory.dmp
Headers
Sections