General

  • Target

    1316-107-0x0000000000400000-0x0000000000706000-memory.dmp

  • Size

    3.0MB

  • MD5

    74a7c4175614e7acd9f9a9f01114afec

  • SHA1

    bdb82db6cda54eaf06ff4da1315cb8f0b4f0e52f

  • SHA256

    e16bb3126138e39054252afb8a93434a23993779293ee98c2db732313b241aa3

  • SHA512

    d68352915d9f40cbbbfa06374edf2b3968dd77f42a47ea0c9485e5564c1dbc38222182fd8fde3e2801bb22e08314b9fcfb3aeb5ae33f098d62bd6c65a05b079f

  • SSDEEP

    12288:oV5z4XPMPA/QryvodlJ90KSTrF5IqhvG:oVeXUPA4rqmJ9X+5Iy

Malware Config

Extracted

Family

vidar

Version

3.8

Botnet

8de8c3f58ff0000c9c835e6068652130

C2

https://steamcommunity.com/profiles/76561198272578552

https://t.me/libpcre

Attributes
  • profile_id_v2

    8de8c3f58ff0000c9c835e6068652130

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1316-107-0x0000000000400000-0x0000000000706000-memory.dmp
    .exe windows x86

    Headers

    Sections