General

  • Target

    2576-54-0x00000000008B0000-0x000000000095B000-memory.dmp

  • Size

    684KB

  • MD5

    6d973d3f88e7586c6b89e22ae1987fdd

  • SHA1

    b7bd0d174d947062116d4b57f71e6af2f9e20c79

  • SHA256

    24eac83408fd4c319a5e6e4b22b7f9af39145a9e15136a13c9327cb7be70428a

  • SHA512

    ad98f4946dd3aa07a80eee5294a99f4950ae12c94dcef689c55cce7fcb66a26e4c6fb051a36392bc77937daa4e347505daf07060c1429aace7b71c0a2645bbb0

  • SSDEEP

    12288:KACK8J6TOfIjeFCZ++9cCKmvmTV/u46Zoa3Qjh2dTbmYm0u5:KBK80SfIjeQZ++9cCKmvmTV/4nQV2dmn

Malware Config

Extracted

Family

vidar

Version

4.8

Botnet

https://t.me/sundayevent

C2

https://t.me/sundayevent

https://steamcommunity.com/profiles/76561198982268531

Attributes
  • profile_id_v2

    https://t.me/sundayevent

  • user_agent

    Mozilla/5.0 (X11; Linux 3.5.4-1-ARCH i686; es) KHTML/4.9.1 (like Gecko) Konqueror/4.9

Signatures

  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2576-54-0x00000000008B0000-0x000000000095B000-memory.dmp
    .exe windows x86