General
-
Target
864-138-0x0000000000400000-0x00000000004E6000-memory.dmp
-
Size
920KB
-
MD5
639f9d1615c4e995dcd465a5a491c18e
-
SHA1
a7967066de5639e0d4cd44356d5aba4fbe65a7bb
-
SHA256
e097003941bd8287fefad14442d997ab9d61ae01ab2f03540086d7e16657f598
-
SHA512
bc3c3a4d70f37ceaa9b46d33a48018eb16c63732aba9bc0b3c08cd4f01fc8ce79cdd8fc47663c5168a274df873e37284bf7d80539b41af178ff8de86cd840c89
-
SSDEEP
12288:idiXZMbKCxWIW+kmoRQx2mEyiPJIn4y/:icMxvWNUx2mfiPJ+/
Score
10/10
Malware Config
Extracted
Family
vidar
Version
4.5
Botnet
2ebbd44046441e3db5ceb8266ef0eeae
C2
https://steamcommunity.com/profiles/76561199520592470
https://t.me/motafan
Attributes
-
profile_id_v2
2ebbd44046441e3db5ceb8266ef0eeae
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/111.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
864-138-0x0000000000400000-0x00000000004E6000-memory.dmp
Headers
Sections