General
-
Target
1300-139-0x0000000000400000-0x00000000006DA000-memory.dmp
-
Size
2.9MB
-
MD5
7b1b2f1bb65099158bde0d80e4ff012a
-
SHA1
89dc8bd63a687d5d18dd126ff98d5afdae93efa1
-
SHA256
ce726f89fefef3d294602fea17192195f1075fc212b65940f2e8aa7895933fea
-
SHA512
cf61e038a66d66b6ba0c7fed592e417aaed73ce62a0db237c704c59150caac11cccc6df5c6481fee297136fd1e6eea635cd81d4b4aedd8554716469c33dfa32d
-
SSDEEP
6144:mjZi5dyACB0iCHcbk8ukYGFOg1i5PvozhLJqv8YQ:mjZgyAmk8uBGYg1i5PvoJJq5Q
Score
10/10
Malware Config
Extracted
Family
vidar
Version
3.7
Botnet
f760f049ec7e48276a149aad841d8d57
C2
https://steamcommunity.com/profiles/76561199501059503
https://t.me/mastersbots
Attributes
-
profile_id_v2
f760f049ec7e48276a149aad841d8d57
-
user_agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/112.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1300-139-0x0000000000400000-0x00000000006DA000-memory.dmp
Headers
Sections