General

  • Target

    1732-136-0x0000000000400000-0x00000000006D5000-memory.dmp

  • Size

    2.8MB

  • MD5

    07fef3778ddaf7c1afb982549e06f717

  • SHA1

    9ca1d956ee49945fc7fb879c94ae19394d44864e

  • SHA256

    2cb26c2475141e7eac5384987f717fe08ce2f987ff0aff915e9d1543e1328b80

  • SHA512

    d4ae930994484082343337416ae041ebfbad7b75dd6c57f4468e6a4faba1b44af68e5313ee249f258b5bed5e2e1cd1ed217d64be5f2c95f225aa419cd397ee6f

  • SSDEEP

    6144:FMqEHUkNqGVHhR5pW+JzUQQVgIvEwIdpeYRlKhr2Ait6MxLS:FMqEH+GVJNzULgekdpeylETMg

Malware Config

Extracted

  • Family

    vidar

  • Version

    3.9

  • Botnet

    2ad8358aa58beeea05cca6adf4e8c87e

  • C2

    https://steamcommunity.com/profiles/76561199263069598

    https://t.me/cybehost

Attributes
  • profile_id_v2

    2ad8358aa58beeea05cca6adf4e8c87e

  • user_agent

    Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.7 (like Gecko) (Debian)

Signatures

  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1732-136-0x0000000000400000-0x00000000006D5000-memory.dmp
    .exe windows x86