General

  • Target

    956-159-0x0000000000400000-0x0000000000472000-memory.dmp

  • Size

    456KB

  • MD5

    cd461d63ed1f2bac48653f807aa21b74

  • SHA1

    8ebe53b70d72cd8850d2957b8908466b6ac619ca

  • SHA256

    f6706808945cfda4d6b2b046723485e8c2bc34c9dd9ea9bd2b04e9be8aacd67a

  • SHA512

    350bde38cadb7b5282a5d35b3374cc12033ac6637acd722f8d5d8d012113b39f2a2128a3d002a8ab20313e4cc6da7ef9f9125fd8a91d603963bba63805db0eae

  • SSDEEP

    6144:MbbD2RXh9KD7EvVkr0evEcZ7/CUqjfgQlVumrSVRXLOchXfTrcW:MbuRX6D7ENiKUqDgYumr6RXLOUN

Malware Config

Extracted

Family

vidar

Version

3.6

Botnet

6ad5983267fe81db2c478cdf72fc3cb6

C2

https://steamcommunity.com/profiles/76561199499188534

https://t.me/nutalse

Attributes

  • profile_id_v2

    6ad5983267fe81db2c478cdf72fc3cb6

  • user_agent

    Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Signatures

  • Vidar family
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • 956-159-0x0000000000400000-0x0000000000472000-memory.dmp
    .exe windows x86