vidar | c3a2b583cd3440387c32ccd8fa8af03f943688bdd2e2784a3029b12e358f6e16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1972-107-0x0000000000400000-0x00000000004BE000-memory.dmp
Size

760KB
Sample

230613-vnnp2shd79
MD5

add201196bdfc854ea3d819881879c41
SHA1

e80db221465a5a09185371f926c30fc39eac9b19
SHA256

c3a2b583cd3440387c32ccd8fa8af03f943688bdd2e2784a3029b12e358f6e16
SHA512

a02bac17d7b98a5c90542092b4d25b2ac0a0c894dbe70acc9ba4aec6a9f2e0ffa6cde4fcaf100706a19e3911570a8e98c845ca3bcaf98c39244e2d5daa811464
SSDEEP

6144:GBcgHq3cDh0zuao5sQyAFCx2HI8w1ih3WzqY4hAST2:GegHfDuQLFCYHT2ihzYU2

Score

10^/10

vidar e74b5ad2e63124e58425d1fb3ed3cd89

Malware Config

Extracted

Family

vidar

Version

4.3

Botnet

e74b5ad2e63124e58425d1fb3ed3cd89

C2

https://steamcommunity.com/profiles/76561199514261168

https://t.me/kamaprimo

Attributes

profile_id_v2
e74b5ad2e63124e58425d1fb3ed3cd89
user_agent
Mozilla/5.0 (Linux; U; Tizen 2.0; en-us) AppleWebKit/537.1 (KHTML, like Gecko) Mobile TizenBrowser/2.0

Targets

- Target
  
  1972-107-0x0000000000400000-0x00000000004BE000-memory.dmp
- Size
  
  760KB
- MD5
  
  add201196bdfc854ea3d819881879c41
- SHA1
  
  e80db221465a5a09185371f926c30fc39eac9b19
- SHA256
  
  c3a2b583cd3440387c32ccd8fa8af03f943688bdd2e2784a3029b12e358f6e16
- SHA512
  
  a02bac17d7b98a5c90542092b4d25b2ac0a0c894dbe70acc9ba4aec6a9f2e0ffa6cde4fcaf100706a19e3911570a8e98c845ca3bcaf98c39244e2d5daa811464
- SSDEEP
  
  6144:GBcgHq3cDh0zuao5sQyAFCx2HI8w1ih3WzqY4hAST2:GegHfDuQLFCYHT2ihzYU2
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

e74b5ad2e63124e58425d1fb3ed3cd89vidar

behavioral1

behavioral2