General

  • Target

    3520-305-0x0000000000400000-0x00000000006DD000-memory.dmp

  • Size

    2.9MB

  • MD5

    9c71e41426f9afb88d2512d4c34d219b

  • SHA1

    ae30b60f6e00a2a4cc06422c2817610767c53e76

  • SHA256

    8a1315f8e01082acd7d6ebdd2585be9a16673e97c6d091db7dbd98e877442dbb

  • SHA512

    984a6783c487ea14d7007a1dba00eef364440910b1a8a4c11fda171b98feef9e65ec6268bc6e8c73444def2ce0565bf15e71e23dd4acaf87f64b6b08fdd63034

  • SSDEEP

    6144:7ua5z4XeLqMVc2Uc1ax/QfTyuAlHKdlJx0KQah6wu2AiOCvFIpCY7MZ:7V5z4XPMPA/QryvodlJx0KQTQFIXY

Malware Config

Extracted

  • Family

    vidar

  • Version

    3.8

  • Botnet

    e5d7cb6205191dc1a4f6288000860943

  • C2

    https://steamcommunity.com/profiles/76561198272578552
    https://t.me/libpcre

Attributes

  • profile_id_v2

    e5d7cb6205191dc1a4f6288000860943

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3520-305-0x0000000000400000-0x00000000006DD000-memory.dmp
    .exe windows x86