General

  • Target

    1592-1474-0x0000000000400000-0x00000000004A1000-memory.dmp

  • Size

    644KB

  • MD5

    0c1384cc29b35b1aa19b1a5e7664a730

  • SHA1

    2c92464d34e4a11b3cc3e3e71405b37f756fb294

  • SHA256

    57c0b565f88eb0a219cedaa095a881530d9fab48a89b9f72d27ab9661409253b

  • SHA512

    7e13ec584622f0af9ec24d07f9734bf8ba24f462f39dcf149838f7eeefc1049633b815ebeee17f25bb6ee720207332e033389fff402eefdea31bf488932fe575

  • SSDEEP

    12288:ihyTurb4C9y7vJSm1t3aJXMOlabM2jObU2SMv6qtn9rBz3mLEPFzXWxVIc6k:iYTskC9y7BSm1t3aJXMOlabM2CAmvh5I

Malware Config

Extracted

Family

vidar

Version

4.7

Botnet

https://t.me/eagl3z

C2

https://t.me/eagl3z

https://steamcommunity.com/profiles/76561199159550234

Both URLs are dead-drop resolvers rather than the final C2: Vidar fetches the Telegram channel page and the Steam profile page and parses the live C2 address out of their contents, so the host the stealer actually exfiltrates to is not in this config and has to be taken from the network capture.
Attributes
  • profile_id_v2

    https://t.me/eagl3z

  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1788.0 uacq

    This is the User-Agent the sample sends when it fetches the dead-drop pages. A Chrome 114 / Edge 114 macOS string with a trailing "uacq" token is not emitted by any real browser, so the exact string is worth matching in proxy and web-server logs on its own.
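
Detection logic run over proxy log lines, using the two dead-drop URLs and the User-Agent from the extracted config above. This is an added example and not part of the Triage report; the log line format (`timestamp client method url status "user-agent"`), the sample lines and the severity scheme are assumptions for illustration, not a real log from this sample.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Indicators copied from the extracted Vidar 4.7 config above.
VIDAR_C2 = {
    "https://t.me/eagl3z",
    "https://steamcommunity.com/profiles/76561199159550234",
}
VIDAR_UA = ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 "
            "(KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1788.0 uacq")

# Generic shape of the dead drops Vidar resolves its real C2 from: a Telegram channel
# page or a Steam profile page. Matching this alone is weak (users browse these sites).
DEAD_DROP_RE = re.compile(r"^https?://(t\.me/[^/?#]+|steamcommunity\.com/profiles/\d+)/?$")

# Constructed proxy log lines for the example (assumed format, not from the report).
SAMPLE_LOG = """\
2024-01-01T10:00:00Z 10.0.0.5 GET https://steamcommunity.com/app/730 200 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0.0.0"
2024-01-01T10:00:01Z 10.0.0.5 GET https://steamcommunity.com/profiles/76561198000000000 200 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0.0.0"
2024-01-01T10:00:02Z 10.0.0.7 GET https://t.me/eagl3z 200 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1788.0 uacq"
2024-01-01T10:00:03Z 10.0.0.7 GET https://steamcommunity.com/profiles/76561199159550234 200 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1788.0 uacq"
2024-01-01T10:00:04Z 10.0.0.7 POST http://203.0.113.10/ 200 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1788.0 uacq"
"""

LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3}) "(?P<ua>[^"]*)"$'
)


@dataclass
class Hit:
    ts: str
    client: str
    url: str
    severity: str
    reasons: List[str]


def classify(url: str, ua: str) -> Tuple[Optional[str], List[str]]:
    """Score one request. Exact config matches outrank the generic dead-drop pattern."""
    reasons = []
    if url.rstrip("/") in VIDAR_C2:
        reasons.append("URL is a Vidar dead drop from the extracted config")
    if ua == VIDAR_UA:
        reasons.append("User-Agent matches the extracted config")
    if len(reasons) == 2:
        return "critical", reasons
    if reasons:
        return "high", reasons
    if DEAD_DROP_RE.match(url):
        return "low", ["profile/channel fetch matches the Vidar dead-drop pattern"]
    return None, []


def scan(log_text: str) -> List[Hit]:
    """Parse each line, skip malformed ones, and return only the lines that scored."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        severity, reasons = classify(m["url"], m["ua"])
        if severity:
            hits.append(Hit(m["ts"], m["client"], m["url"], severity, reasons))
    return hits


if __name__ == "__main__":
    for h in scan(SAMPLE_LOG):
        print(f"{h.severity:8} {h.client} {h.url}  ({'; '.join(h.reasons)})")
```

The last sample line is the one to watch for in practice: the User-Agent alone still fires after the sample has resolved its real C2 and moved on to an address the config does not contain, which is why the UA indicator is kept independent of the URL list.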

Signatures

  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature. On a memory dump this can only mean that the mapped image's Certificate Table data-directory entry is empty: the signature bytes themselves sit in the file overlay and are never mapped, and an in-memory payload is almost never signed anyway, so treat this as weak corroboration rather than a primary indicator.
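
The check behind that signature, as an added example that is not Triage's own code: walk the PE headers to the Certificate Table slot of the data directory and report whether it is populated. The constructed header builder is a test fixture (ImageBase and SizeOfImage copied from the dump's address range) and not a runnable executable; nothing here reads the actual dump from the report.

```python
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Certificate Table slot in the optional header's data directory


def security_directory(pe: bytes):
    """Return (offset, size) of the Certificate Table entry, or None when it is empty.

    The entry's first field is a raw file offset, not an RVA: the certificate blob is
    appended to the file as overlay and is never mapped, so on a memory dump only the
    directory entry itself can be examined. A non-empty entry means the image was
    signed on disk; an empty one is what the report's "Unsigned PE" signature flags.
    """
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not a PE image (no MZ header)")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    size_of_optional = struct.unpack_from("<H", pe, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == 0x10B:      # PE32: 32-bit ImageBase, directories start at +96
        num_rva_off, dd_off = opt + 92, opt + 96
    elif magic == 0x20B:    # PE32+: 64-bit ImageBase and size fields, directories at +112
        num_rva_off, dd_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    num_rva = struct.unpack_from("<I", pe, num_rva_off)[0]
    entry = dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    # Guard against truncated or hand-shrunk headers that declare fewer directories.
    if num_rva <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + size_of_optional:
        return None
    off, size = struct.unpack_from("<II", pe, entry)
    return (off, size) if off and size else None


def is_unsigned(pe: bytes) -> bool:
    return security_directory(pe) is None


def build_minimal_pe32(cert_offset: int = 0, cert_size: int = 0) -> bytes:
    """Constructed PE32 header (not a runnable executable) for exercising the check.

    ImageBase and SizeOfImage mirror the dumped region 0x400000-0x4A1000 above.
    """
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                        # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)  # i386, 1 section, 224-byte optional header
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                          # PE32 magic
    struct.pack_into("<I", opt, 28, 0x400000)                      # ImageBase
    struct.pack_into("<I", opt, 56, 0xA1000)                       # SizeOfImage (644 KB, as in the report)
    struct.pack_into("<I", opt, 92, 16)                            # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, cert_offset, cert_size)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe32()
    entry = security_directory(data)
    print("unsigned (no Certificate Table entry)" if entry is None
          else "Certificate Table at file offset %#x, %d bytes" % entry)
```

Run it against a dump with `python check.py 1592-1474-0x0000000000400000-0x00000000004A1000-memory.dmp`; on a region carved from memory the offsets in the entry, if present, point into the original file's overlay and cannot be followed inside the dump.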

Files

  • 1592-1474-0x0000000000400000-0x00000000004A1000-memory.dmp
    .exe windows x86
    Memory region dumped from 0x400000 to 0x4A1000 (0xA1000 bytes = 644 KB, matching the Size above): the 32-bit image as it sat in memory at the default image base, not the dropper as delivered, so the hashes above identify this dump rather than any file seen on disk.

