General
-
Target
1412-60-0x0000000000400000-0x0000000000471000-memory.dmp
-
Size
452KB
-
MD5
1dc29cf019cb9d358ce06d10817169ed
-
SHA1
42015a4a5b0b7ea5e782dbb056e0dcbc5fbfabf6
-
SHA256
44c5fb307449269ab44dd0dc9a4f04b1a8ca75cd523308ec5de4ebce816cd997
-
SHA512
8cc242ae46bae0da3ff2883f4328868f60690f8ebe7767fdf71aa96e4a95e6b93566d858eb4c8c6a358e29011c70498721786522657852dd22824177aacd3050
-
SSDEEP
6144:EmLEm87VHIUvOciQyMvgaw0ZYkFY1ckc+oFh+:DLEm87CAiawAYaY1ckc+oK
Score
10/10
Malware Config
Extracted
Family
vidar
Version
3.7
Botnet
76b2f6fdec310fab14e966cf03a994f7
C2
https://steamcommunity.com/profiles/76561199501059503
https://t.me/mastersbots
Attributes
-
profile_id_v2
76b2f6fdec310fab14e966cf03a994f7
-
user_agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/112.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1412-60-0x0000000000400000-0x0000000000471000-memory.dmp
Headers
Sections