General
-
Target
4776-405-0x0000000000400000-0x0000000000472000-memory.dmp
-
Size
456KB
-
MD5
769d2f66125f88b9e607d37fbe53d64c
-
SHA1
d361ed75d1f8ea178006bcb9c5ee701d14508758
-
SHA256
8e1c5166d497327e66491e72ad812b414d536d5f941e9fac6fe6b4c49f208a72
-
SHA512
d15ef73f2a4c5ea51a5f23a7e432b3bcdd4e60860ff9ef588b03d0ffd5a2baf5b622f4ce49985484a33f82060afd6850bf7edd4c9459086bd9cc73a3acca5cf0
-
SSDEEP
6144:WbbD2RXh9KD7EvVkr0evEcZ7/CUqjfgQlVumrSVRXLTchXfTRcW:WbuRX6D7ENiKUqDgYumr6RXLTmN
Score
10/10
Malware Config
Extracted
Family
vidar
Version
3.6
Botnet
5cb879265de0011bfc7588d5d251aee6
C2
https://steamcommunity.com/profiles/76561199499188534
https://t.me/nutalse
Attributes
-
profile_id_v2
5cb879265de0011bfc7588d5d251aee6
-
user_agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4776-405-0x0000000000400000-0x0000000000472000-memory.dmp
Headers
Sections