General
-
Target
3044-127-0x0000000000400000-0x0000000001B73000-memory.dmp
-
Size
23.4MB
-
MD5
a03ae4e2b27161a35432de4d2236fb9f
-
SHA1
eb997a4b9c3f51a3c38677089fb4ac961f4c2f03
-
SHA256
f9afe45d6a750baa88bd12b7346e65ed11c3142084873c8cc24636f26b124acf
-
SHA512
28d3443579bca7e883f75d1e5ce225f8953d23aebdeef0669560445cdd317dec57c140c58ca402f61e7a7555d7665fd054e426516b511a314df9be89694a66b4
-
SSDEEP
12288:pib4E1z9tDqi/sV3mHzeZBc7fG7Snb65:pc1z9hqiC2IBcyWe
Score
10/10
Malware Config
Extracted
Family
vidar
Version
4.6
Botnet
14b2a7d43189ee054111ef26d293a39d
C2
https://steamcommunity.com/profiles/76561199523054520
https://t.me/game4serv
Attributes
-
profile_id_v2
14b2a7d43189ee054111ef26d293a39d
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:103.0) Gecko/20100101 Firefox/103.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3044-127-0x0000000000400000-0x0000000001B73000-memory.dmp
Headers
Sections