General
-
Target
1036-58-0x0000000000400000-0x0000000000471000-memory.dmp
-
Size
452KB
-
MD5
444e14b83c4b89a5af6ba70733d23ff6
-
SHA1
5d2a43787d88a7197a0d818fbf8b7e0d58a43f76
-
SHA256
ab98ffca151e06a05db8fde80745465e6a45f8e8887024ddf5d085cb749649eb
-
SHA512
8f24d625a7d490ddc91c61ba78d9ab89cd852f4b04e5afa28f9083165af680d8d8bf465ff2fbc75ee830eb1e818b5d11792fa0585a2279e7c35486a8f7bc48d5
-
SSDEEP
6144:HjZi5dyACB0iCHcbk8ukYGFOg1i5+vtzhLJqNp:HjZgyAmk8uBGYg1i5+vtJJq
Score
10/10
Malware Config
Extracted
Family
vidar
Version
3.7
Botnet
9cfd246b122e71a592dbea27a1739d45
C2
https://steamcommunity.com/profiles/76561199501059503
https://t.me/mastersbots
Attributes
-
profile_id_v2
9cfd246b122e71a592dbea27a1739d45
-
user_agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/112.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1036-58-0x0000000000400000-0x0000000000471000-memory.dmp
Headers
Sections