General

  • Target

    1200-56-0x0000000000400000-0x00000000009EC000-memory.dmp

  • Size

    5.9MB

  • MD5

    6a8ec034356318708b7f2c4c895f4006

  • SHA1

    af4c54c87dc66aaea4ed34cbfb514a802c4cf68c

  • SHA256

    53964f6eb57da7369b7006e2579fcde7093af0a25443785e2440acd7b6c78574

  • SHA512

    a78d512e7f6419d8ccbac02953d29dac58f929934873c05c096732afcc07b8357cc88db4bba88f2d08934e53b91d37ed3c3e7c7400bf43e776e62fef5848c0d7

  • SSDEEP

    98304:dm052Bvzz8kf3zHZC+a/ubMSo4MIstNZDHGOcedVEycO3:35onLTvvbiIupcedVEyc

Malware Config

Extracted

  • Family

    vidar

  • Version

    3.6

  • Botnet

    d53752acbcbb2dd88ecc4d536f03b032

  • C2

    https://steamcommunity.com/profiles/76561199499188534

    https://t.me/nutalse

Attributes

  • profile_id_v2

    d53752acbcbb2dd88ecc4d536f03b032

  • user_agent

    Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1200-56-0x0000000000400000-0x00000000009EC000-memory.dmp
    .exe windows x86