General
-
Target
3848-158-0x0000000000400000-0x0000000000471000-memory.dmp
-
Size
452KB
-
MD5
392a065106c9fb78557d281b2527730d
-
SHA1
741e97536b19033f5991c328fe91a4e821deb653
-
SHA256
078aa2d68924c7699147d2824bf27c3b7dfe415cfd54f15713a200d04af3ae81
-
SHA512
f1350728a07c445f942579bbd9fd7d6cb92297b55037291fbb59b77d58420691deef7d45eba698e64b6a83894fc903df23341513a4fbe6693fc902cd8955a75d
-
SSDEEP
6144:+jZi5dyACB0iCHcbk8ukYGFOg1i5+vjzhLJqNp:+jZgyAmk8uBGYg1i5+vjJJq
Score
10/10
Malware Config
Extracted
Family
vidar
Version
3.7
Botnet
905dc1ddf15a3366aa28cffc31e76667
C2
https://steamcommunity.com/profiles/76561199501059503
https://t.me/mastersbots
Attributes
-
profile_id_v2
905dc1ddf15a3366aa28cffc31e76667
-
user_agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/112.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3848-158-0x0000000000400000-0x0000000000471000-memory.dmp
Headers
Sections