General
-
Target
2456-137-0x0000000000400000-0x0000000000472000-memory.dmp
-
Size
456KB
-
MD5
5a7350859d740e00bf4def624f0c5311
-
SHA1
377a8d54f22f357c94c23283494e545f65f72c28
-
SHA256
3a7512884d5e269a6c9d74a0af38c0d4d4b95bdbe5c7cc8d8608e84a725d2134
-
SHA512
6a8fa8aabc01338f17069f5a2fbcfd75967eccfc6c271493509898f2fabbdf7245d128d12b3bd4baf468d07295a9e298eec9614414e6fff54badb79c6aeda94e
-
SSDEEP
6144:pqwEB+/L63cstCBe5mRrqXUVdF9c0xbdv4hJq1dEVqgYQhVKOlk:pqwEB+/I10MUVd80Xv2JqcV5YOlk
Score
10/10
Malware Config
Extracted
Family
vidar
Version
3.6
Botnet
495ab205af103eb0f20c7a90577f42e5
C2
https://steamcommunity.com/profiles/76561199499188534
https://t.me/nutalse
Attributes
-
profile_id_v2
495ab205af103eb0f20c7a90577f42e5
-
user_agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2456-137-0x0000000000400000-0x0000000000472000-memory.dmp
Headers
Sections