General

  • Target

    4592-557-0x0000000000400000-0x0000000000472000-memory.dmp

  • Size

    456KB

  • MD5

    888d1e19dda0f9f6c0d7fc955b227f41

  • SHA1

    3a80f7171c208b930c825fd16d0204a80584ac81

  • SHA256

    f6e7b24944bc91d7b19a51ca4ba794bda8befcdf5177ca29f4197cbb7ad5826c

  • SHA512

    cb81934dd2506cc8fb5cafc73ef972135c648035ad09c4470c988bc016be91b6030bfbf7e0b2b28479da67c2937b4597c3ea84d289c752a80509eed1ed1410bc

  • SSDEEP

    6144:WbbD2RXh9KD7EvVkr0evEcZ7/CUqjfgQlVumrBRVRXLTchXfovcW:WbuRX6D7ENiKUqDgYumrBnRXLT/N

Malware Config

Extracted

Family

vidar

Version

3.6

Botnet

5cb879265de0011bfc7588d5d251aee6

C2

https://steamcommunity.com/profiles/76561199499188534

https://t.me/nutalse

Attributes

  • profile_id_v2

    5cb879265de0011bfc7588d5d251aee6

  • user_agent

    Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4592-557-0x0000000000400000-0x0000000000472000-memory.dmp
    .exe windows x86
