General

  • Target

    1264-61-0x0000000000400000-0x000000000046B000-memory.dmp

  • Size

    428KB

  • MD5

    e7420c09d6c6859d769cc61e69610989

  • SHA1

    7525aa540f8b783e1ea360cdfec8440b94c0faba

  • SHA256

    5563cfc7bdc38b8afe2de81802689a1049c864c6576cfda1c0fc3a8c68005d83

  • SHA512

    3c770e6eeb3f0e96ce5eb659a045c5d341441bac0961427bf03cff9c215cb771e5a52169e58a505634ada96b838dd5ccbdfebf39c0240f450892570c435fc4e2

  • SSDEEP

    6144:mWqI0UMB2Ok2q7RJ9siIoNA+S9LbTLM/DJZWsiRW71GJFhF:mWqIDO89/M8AHnHM7X1iRWpGJ

Malware Config

Extracted

Family

vidar

Version

4.2

Botnet

98d0d34b4e35131252d3d615526218ea

C2

https://steamcommunity.com/profiles/76561199511129510

https://t.me/rechnungsbetrag

Attributes

  • profile_id_v2

    98d0d34b4e35131252d3d615526218ea

  • user_agent

    Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.38 Safari/537.36 Brave/75

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1264-61-0x0000000000400000-0x000000000046B000-memory.dmp
    .exe windows x86

