General
-
Target
2012-107-0x0000000000400000-0x00000000006D7000-memory.dmp
-
Size
2.8MB
-
MD5
09a187dd3a8b6b9732e3d7aff8dbc3a5
-
SHA1
e321c54ae215ca14517a42c3b8b31e9f47e73a04
-
SHA256
24b912158819a40299e3c076b0b39968c93da7b072ba99e0c9e9dd285a81fef1
-
SHA512
eb925a90a27152cc43c23ef65a6fc123c2a6d21830018d1d7caa6a36a51a77d3f8e1dc5e4571aca45be3ce2cc73b279b14650a96e04346a1214d50c428868149
-
SSDEEP
6144:VjZi5dyACB0iCHcbk8ukYGFOg1i5+vzzhLJqFZr:VjZgyAmk8uBGYg1i5+vzJJqr
Score
10/10
Malware Config
Extracted
Family
vidar
Version
3.7
Botnet
37444c997bc81a7d4e2a48b7b63a1f66
C2
https://steamcommunity.com/profiles/76561199501059503
https://t.me/mastersbots
Attributes
-
profile_id_v2
37444c997bc81a7d4e2a48b7b63a1f66
-
user_agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/112.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2012-107-0x0000000000400000-0x00000000006D7000-memory.dmp
Headers
Sections