General

  • Target

    1848-59-0x0000000000400000-0x0000000000499000-memory.dmp

  • Size

    612KB

  • MD5

    3090d4cd8c2bbbac1c4d004ee5c91f09

  • SHA1

    3957e5eec6eb5afc717eb16216d9706b6bddc3e7

  • SHA256

    40e7ae6290907d6a1f4cfd6d24bb6fb09520f686aa7fbb5e00cd375621c0cf9d

  • SHA512

    f21564202f3f8d6542e6e2c0c4f3691c8417bb12623c7dcea1912e36d5291fbe1bafe2498980d6763e5bb1732a1ae9a9616289873b3c63cfcb58baae0813da28

  • SSDEEP

    12288:+jZgyAmk8uBGYg1i5+vaJJq0aRRiRRRwRRRRRRRARURRFRRRRdRRRRRRJRRRRRRV:momGB195emGRRiRRRwRRRRRRRARURRFy

Malware Config

Extracted

  • Family

    vidar

  • Version

    3.7

  • Botnet

    41259ba39e7d2a1b343e34c89786c56f

  • C2

    https://steamcommunity.com/profiles/76561199501059503

    https://t.me/mastersbots

Attributes
  • profile_id_v2

    41259ba39e7d2a1b343e34c89786c56f

  • user_agent

    Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/112.0

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1848-59-0x0000000000400000-0x0000000000499000-memory.dmp
    .exe windows x86
