General

  • Target

    912-56-0x0000000000400000-0x0000000000693000-memory.dmp

  • Size

    2.6MB

  • MD5

    6c3feb87b797e82d333a584b991aa428

  • SHA1

    c69f9e3084b6fed7a220df242ecf39ef3a37e9e9

  • SHA256

    d3131622cfbff0dd34e8b2acc8aaa5734133ca1ef5b837f30c903071c7e7ca18

  • SHA512

    ea9ed938d18d9faf9b33e64ef4016d5da7f9bd929e68eeaa86c339055619e76409add2ea2733be5f914f0926cf8c53215e942cebaf3ff1d63f8cf212d5735632

  • SSDEEP

    6144:7tvmJgFrko8B4/xw8ksPSGbEgajKliSmRbSMhUq3Nbdz/:7tvmJapksPS4ELIiSmSW3Nbdz/

Malware Config

Extracted

  • Family

    vidar

  • Version

    4.1

  • Botnet

    a247b760bbf343752090be1436805458

  • C2

    https://t.me/task4manager
    http://23.88.46.113:80
    https://steamcommunity.com/profiles/76561199510444991

Attributes

  • profile_id_v2

    a247b760bbf343752090be1436805458

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.34

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 912-56-0x0000000000400000-0x0000000000693000-memory.dmp
    .exe windows x86