General

  • Target

    4188-392-0x0000000000400000-0x0000000000472000-memory.dmp

  • Size

    456KB

  • MD5

    f5a45ba9bbce5c3716028f666f82b38d

  • SHA1

    44cb6ebe5a2981d28d27a0d6271e40d3a61f1aa2

  • SHA256

    cd5fa29a1e709de64fb7580efb4861ac73862899cac32e9e2dcb952c9d16c856

  • SHA512

    d9abe71232d0f3a9e4ab433a81c6fd3cb81de4dace3c82d5d76daf860d9c4374b244693f0b1fc0997c0c420c7dfaa1540ba35b5ca365463e29daedeac2535ec5

  • SSDEEP

    6144:WbbD2RXh9KD7EvVkr0evEcZ7/CUqjfgQlVumrOVRXLTchXfovcW:WbuRX6D7ENiKUqDgYumreRXLTfN

Malware Config

Extracted

Family

vidar

Version

3.6

Botnet

5cb879265de0011bfc7588d5d251aee6

C2

https://steamcommunity.com/profiles/76561199499188534

https://t.me/nutalse

Both URLs are dead-drop resolvers rather than the final C2: Vidar fetches the Steam Community profile and the Telegram channel page and reads its real C2 address out of the publicly visible profile or channel name, so the operator can rotate the address without touching the sample. Block and monitor the resolved address as well as these two URLs; the extracted config does not record what they resolved to at analysis time.

Attributes
  • profile_id_v2

    5cb879265de0011bfc7588d5d251aee6

  • user_agent

    Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
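The config above gives only the two dead-drop URLs, not the address they point to. The script below is an added example (not part of the sandbox report and not Vidar's own code) of the resolution step an analyst would run against those URLs: classify each C2 entry as a Steam or Telegram dead drop, pull the display name out of the fetched page, and extract the URL published there. The two HTML pages are constructed stand-ins so the script runs offline; the CSS classes `actual_persona_name` and `tgme_page_title` are assumed to match the live Steam and Telegram markup, and `203.0.113.10` is documentation address space, not a real C2.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Resolver URLs copied from the extracted config.
DEAD_DROPS = [
    "https://steamcommunity.com/profiles/76561199499188534",
    "https://t.me/nutalse",
]

# Constructed sample pages (not real captures). They mirror where a Steam
# profile page and a Telegram channel preview expose the display name, which
# is the field the stealer reads its real C2 from. 203.0.113.10 is RFC 5737
# documentation space, not a live server.
STEAM_SAMPLE = """<html><body>
<div class="profile_header_bg">
  <span class="actual_persona_name">http://203.0.113.10/</span>
</div></body></html>"""

TELEGRAM_SAMPLE = """<html><body>
<div class="tgme_page_title"><span dir="auto">http://203.0.113.10/</span></div>
</body></html>"""

# CSS class holding the display name per resolver type (assumed markup).
NAME_CLASS = {"steam": "actual_persona_name", "telegram": "tgme_page_title"}

# Elements that never get a closing tag; must not disturb depth tracking.
VOID_TAGS = {"br", "img", "meta", "link", "input", "hr"}

URL_RE = re.compile(r"https?://[^\s\"'<>]+")


class _TextByClass(HTMLParser):
    """Collect the text inside the first element carrying a given class."""

    def __init__(self, wanted_class):
        super().__init__()
        self.wanted = wanted_class
        self.depth = 0          # >0 while inside the wanted element
        self.text = []

    def handle_starttag(self, tag, attrs):
        if tag in VOID_TAGS:
            return
        classes = (dict(attrs).get("class") or "").split()
        if self.depth:
            self.depth += 1     # nested child of the wanted element
        elif self.wanted in classes:
            self.depth = 1

    def handle_endtag(self, tag):
        if tag not in VOID_TAGS and self.depth:
            self.depth -= 1

    def handle_data(self, data):
        if self.depth:
            self.text.append(data)


def dead_drop_kind(url):
    """Return 'steam', 'telegram', or None for a direct (non-resolver) URL."""
    host = urlparse(url).netloc.lower()
    if host == "steamcommunity.com":
        return "steam"
    if host in ("t.me", "telegram.me"):
        return "telegram"
    return None


def extract_c2(kind, page_html):
    """Return the URL published in the profile/channel name, or None."""
    parser = _TextByClass(NAME_CLASS[kind])
    parser.feed(page_html)
    name = "".join(parser.text).strip()
    match = URL_RE.search(name)
    return match.group(0) if match else None


def resolve_all(urls, fetch):
    """Map each config URL to its resolved C2 (direct URLs map to themselves).

    fetch(url) must return the page body; in real use do the fetch from an
    isolated analysis host and send the User-Agent from the config so the
    request looks like the stealer's own.
    """
    resolved = {}
    for url in urls:
        kind = dead_drop_kind(url)
        resolved[url] = url if kind is None else extract_c2(kind, fetch(url))
    return resolved


def _offline_fetch(url):
    """Stand-in for a network fetch that serves the constructed pages."""
    return STEAM_SAMPLE if dead_drop_kind(url) == "steam" else TELEGRAM_SAMPLE


if __name__ == "__main__":
    for drop, c2 in resolve_all(DEAD_DROPS, _offline_fetch).items():
        print(f"{drop} -> {c2}")
```

Swap `_offline_fetch` for a real fetch (with the config's user agent) to resolve the live pages; a `None` result means the profile or channel no longer carries a URL in its name, which by itself is a useful signal that the dead drop has been burned or rotated.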

Signatures

  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4188-392-0x0000000000400000-0x0000000000472000-memory.dmp
    PE executable, Windows x86 (32-bit); image dumped from process memory (PID 4188, mapped at 0x00400000-0x00472000, matching the 456KB size above)