General
-
Target
1744-56-0x0000000000400000-0x00000000006AC000-memory.dmp
-
Size
2.7MB
-
MD5
b7ec5e05e8f5b2ef6d81f723e59846f6
-
SHA1
74667b45e64081565b138faba6b22fa15b7ad6e4
-
SHA256
8e9c16c5d4b34052d8d1998ae5e7f220497d8510bb5ac70bdbb2cff462e80b53
-
SHA512
1c3658d72dc6924e344dfc88caad058ad2e3feaeea16363570d0e45bc2f3beab056e74f126d599f542f862946cc2c52bdb8192a0cbd1cbb8b66cab410629d5d6
-
SSDEEP
6144:Ye/h0TMPIRSVfGXb195t8v9+uSA9fn1ybNJFFaGB6hV2AiCVWRSl://hNgMx4t88vkf1CNJFFFBS8
Score
10/10
Malware Config
Extracted
Family
vidar
Version
4
Botnet
1a17cbbfddb273b0a3e99fb9be4c848a
C2
https://steamcommunity.com/profiles/76561199508624021
https://t.me/looking_glassbot
Attributes
-
profile_id_v2
1a17cbbfddb273b0a3e99fb9be4c848a
-
user_agent
Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1744-56-0x0000000000400000-0x00000000006AC000-memory.dmp
Headers
Sections