General

  • Target

    816-107-0x0000000000400000-0x00000000006D5000-memory.dmp

  • Size

    2.8MB

  • MD5

    a2e4ad6b33346ab66ca625b90f1fdbd4

  • SHA1

    cee97626e35695bc45da3e8b37c8f7bf0c8dbf85

  • SHA256

    4275b647538719d5f6c4b4d538941c8b3683d73e60d82b84a53c4a632219dbd2

  • SHA512

    9c47c9f93165b1036f293f678b7a76f0eda03507f36e039cb05536039329c623305623b6b9e38e0d584965106838a489869f7193d879fa530dfcb7cf5a6debb3

  • SSDEEP

    6144:CMqEHUkNqGVHhR5pW+JzUQQVgIvEwIdpeeRHKhr2Aicnksl:CMqEH+GVJNzULgekdpeoHE7ksl

Malware Config

Extracted

Family

vidar

Version

3.9

Botnet

a023df7134b37ad0f51ab8983877c4d3

C2

https://steamcommunity.com/profiles/76561199263069598

https://t.me/cybehost

Attributes

  • profile_id_v2

    a023df7134b37ad0f51ab8983877c4d3

  • user_agent

    Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.7 (like Gecko) (Debian)

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 816-107-0x0000000000400000-0x00000000006D5000-memory.dmp
    .exe windows x86