General
-
Target
1752-54-0x0000000000400000-0x000000000046C000-memory.dmp
-
Size
432KB
-
MD5
9aa7062bb537eed95ac7b75fa468378e
-
SHA1
5bf6d7b5e4d57aef79336f0036c164c18a590334
-
SHA256
cd851f740ad669de89b11ee07c2dda0126fae9802ca5eedad294d16f327134fc
-
SHA512
91bebb41e7000a60c4a8ee7fbba7135e181bcc031912ff86135709de660825b71a4ef8c28024fa145b45cf19156d51b3ff9fc94f768d8cd27667e20951de12d7
-
SSDEEP
6144:jLxuXh6GYtATZ7jYNiDM5bsgWQC77Hitfk55t9iARuUTAd:jtuR6GYOFjUWksjRDitfkvjdR+
Score
10/10
Malware Config
Extracted
Family
vidar
Version
2.2
Botnet
875
C2
https://t.me/litlebey
https://steamcommunity.com/profiles/76561199472399815
http://157.90.148.112:80
Attributes
-
profile_id
875
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1752-54-0x0000000000400000-0x000000000046C000-memory.dmp
Headers
Sections