General
-
Target
4892-137-0x0000000000400000-0x0000000000477000-memory.dmp
-
Size
476KB
-
MD5
6622383524456910158b47a13d446a96
-
SHA1
cc39d609572e1bb8def1ef113b99a0f93d9ed5fa
-
SHA256
940faaed5d383ba32749a8dd02ba6c5754f86630acebeb40c33b44f6b52945b7
-
SHA512
fe9962f652fc1c0174eca62da38ebc360a92d2411d06effa611c6f9e8ba6eb19b5d23393e4f1ce4a47995a1a4b2f8a2ef90df5712da7207c618d70eab2b7db14
-
SSDEEP
6144:xCyiXVZhMMOP/AXh/PP6IEWEonebA8mUG05UJKH2khp9j5kz+i9moRQqJgbEahrJ:xdiXZMbKCxWIW+kmoRQq2bEyiPfIn
Score
10/10
Malware Config
Extracted
Family
vidar
Version
4.5
Botnet
63f61690309d5f5710cfe24c8343a639
C2
https://steamcommunity.com/profiles/76561199520592470
https://t.me/motafan
Attributes
-
profile_id_v2
63f61690309d5f5710cfe24c8343a639
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/111.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4892-137-0x0000000000400000-0x0000000000477000-memory.dmp
Headers
Sections