General

  • Target

    1400-56-0x0000000000400000-0x0000000000695000-memory.dmp

  • Size

    2.6MB

  • MD5

    7649b1af210762fe2bd6321f44b3955c

  • SHA1

    367cca44df71943644781e11d19237c64f282657

  • SHA256

    b2395691f41f1ab6191c124f130a8b59661f7f1791b643a3e39a98ac3345f833

  • SHA512

    3c3bf0d59f266df88ebca8458060a11a95d8b28ba99b8d097c9595a137fa80bbd35153a0ed63db16b3050a861ba5973fb26fb590dab623a8f1acd76a77bed001

  • SSDEEP

    6144:7tvmJgFrko8B4/xw8ksPSGbEgajKliSmRbSMhUqANbdz/6kNiW:7tvmJapksPS4ELIiSmSGANbdz//

Malware Config

Extracted

  • Family

    vidar

  • Version

    4.1

  • Botnet

    a247b760bbf343752090be1436805458

  • C2

    https://t.me/task4manager

    http://23.88.46.113:80

    https://steamcommunity.com/profiles/76561199510444991

Attributes

  • profile_id_v2

    a247b760bbf343752090be1436805458

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.34

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for a missing Authenticode signature.

Files

  • 1400-56-0x0000000000400000-0x0000000000695000-memory.dmp
    .exe windows x86
