General

  • Target: 4168-158-0x0000000000400000-0x0000000000472000-memory.dmp
  • Size: 456KB
  • MD5: c024b3bd264b7b95c19edf430c23f63d
  • SHA1: 8a5199c283bb7b562f693569c4a2177535e92b18
  • SHA256: ed28af0855aa6e00776f3633c15663e4a930f54ac399b48369f485e31250849b
  • SHA512: cae841838e0fff61d80802fa754cf4727f404dd8ad537eb97669cbb2354933cd9211e166f296cc83b45c89bf3a19e6ee874b914ff794d8ce049a86a08fd35866
  • SSDEEP: 6144:YqwEB+/L63cstCBe5mRrqXUVdF9c0xbdv4hJq1dEVqg4QhVKOlk:YqwEB+/I10MUVd80Xv2JqcV54Olk

Malware Config

Extracted

  • Family: vidar
  • Version: 3.6
  • Botnet: 9d584a9b0b557d03b093bde42e6bdbaf
  • C2:
    https://steamcommunity.com/profiles/76561199499188534
    https://t.me/nutalse

Attributes

  • profile_id_v2: 9d584a9b0b557d03b093bde42e6bdbaf
  • user_agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Signatures

  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4168-158-0x0000000000400000-0x0000000000472000-memory.dmp
    .exe windows x86