General
-
Target
1560-56-0x0000000000400000-0x00000000006E9000-memory.dmp
-
Size
2.9MB
-
MD5
75f6edf73a25c3b7034c13d28cabb3f4
-
SHA1
31bd2b50f06e23ce180f347e1a3b9209725d8149
-
SHA256
dae6d73f74d8a0893c70ebd2b878a7eb34e2a8421607caf0b0a7c79b92b3e4b7
-
SHA512
2eea1e648b10a1d2bbc9b4ee35a1c8be12a2a5105eee799422969e7a981323bdf9fd6c440c189d1e611a5d4b7d5fe0e02bf9ea55939a5ee27b62212a600c1e34
-
SSDEEP
6144:ZmLEm87VHIUvOciQyMvgaw0ZYkFY1ckz+RFh+PqtxNlWkrA:0LEm87CAiawAYaY1ckz+RKPqLN0
Score
10/10
Malware Config
Extracted
Family
vidar
Version
3.7
Botnet
520db31fb80baf8d773daaf5b12ef143
C2
https://steamcommunity.com/profiles/76561199501059503
https://t.me/mastersbots
Attributes
-
profile_id_v2
520db31fb80baf8d773daaf5b12ef143
-
user_agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/112.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1560-56-0x0000000000400000-0x00000000006E9000-memory.dmp
Headers
Sections