General

  • Target

    948-161-0x0000000000400000-0x000000000046D000-memory.dmp

  • Size

    436KB

  • MD5

    389188bc694f78a3914e3f49b7673e20

  • SHA1

    a7b006f649258085c32965dd739c1bdc6b32be69

  • SHA256

    b450d744cf220084757b0bbd4a924109f26519aaf19062bbb77547f7eafef996

  • SHA512

    53e155122315a95dfb79ba361ce6f6d77b2665860152364134f4fdcc62ee824def8c93edf8d35e271d341527c36984bfd734432abc44e8908648312a4783aa5b

  • SSDEEP

    6144:oe/h0TMPIRSVfGXb195t8v9+uSA9fn1ybNJWFaGn6hV2AiA5:P/hNgMx4t88vkf1CNJWFFnS

Malware Config

Extracted

Family

vidar

Version

4

Botnet

e44c96dfdf315ccf17cdd4b93cfe6e48

C2

https://steamcommunity.com/profiles/76561199508624021

https://t.me/looking_glassbot

Attributes

  • profile_id_v2

    e44c96dfdf315ccf17cdd4b93cfe6e48

  • user_agent

    Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 948-161-0x0000000000400000-0x000000000046D000-memory.dmp
    .exe windows x86