General

  • Target: 2116-264-0x0000000000400000-0x00000000004D7000-memory.dmp
  • Size: 860KB
  • MD5: 3121835b2ea098db4536445b3b531157
  • SHA1: 8b89e5fe058333b660538cff730f4d333f0bc089
  • SHA256: 2dd8974bff3118a9918e03a6b984c9acf3caf306a3a64898c6bba6c5b54eede2
  • SHA512: adfdd1b2f35c259a00e4d73f0b55da9f54ee4522f7fb0d4f468a7c51be2b524134b0d14503a4cc6cc09cdc4c28291171c11b5d95bb4174f802042c6819278172
  • SSDEEP: 24576:LRu16WYdRNDl0Et8uEXE6dl5H92r5HA9NY:dVNDl0Et8uEXE6ds1HA9

Malware Config

Extracted

  • Family: vidar
  • Version: 4.9
  • Botnet: c7705ff59edcf8953f00dd53d4696a54
  • C2:
    https://t.me/dastantim
    https://steamcommunity.com/profiles/76561199529242058

Attributes

  • profile_id_v2: c7705ff59edcf8953f00dd53d4696a54
  • user_agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7

Signatures

  • Vidar family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • 2116-264-0x0000000000400000-0x00000000004D7000-memory.dmp
    .exe windows x86
