General
-
Target
920-95-0x0000000000400000-0x00000000006E3000-memory.dmp
-
Size
2.9MB
-
MD5
ed5b2f6df11204f3ffef842043c0593b
-
SHA1
e2d67fdef5a9cd92ba84f3b0aea0f680e0b30d1c
-
SHA256
01318b679dd3eade0c39b3f2d4de73c553553071510c78c849265b866d90bac4
-
SHA512
7f5076d45e07dd86cee79fefc6ad96cb08d23ee3be1e41b648f7a97030ec378979ee978f77e422ca16ae29a0b30c89ef9146f9a6f6a4efda3749c7fe40df0185
-
SSDEEP
12288:xLEm87CAiawAYaY1ckW+mKPq1aNuZC2K:xAvBilAdVkHgaNuI
Score
10/10
Malware Config
Extracted
Family
vidar
Version
3.7
Botnet
513feb73bb915cb59c141e76e5b64dfd
C2
https://steamcommunity.com/profiles/76561199501059503
https://t.me/mastersbots
Attributes
-
profile_id_v2
513feb73bb915cb59c141e76e5b64dfd
-
user_agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/112.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
920-95-0x0000000000400000-0x00000000006E3000-memory.dmp
Headers
Sections