General
-
Target
2252-59-0x0000000000400000-0x000000000048B000-memory.dmp
-
Size
556KB
-
MD5
9277c3b04479a08dc0d6bde8b74cf98c
-
SHA1
3f0b99c9bf4068f2ef43aac4429bc32ceb1db235
-
SHA256
206fc2d24c9126e714eee27e5fada3801c0fbdb8e22b0b983e16405a3ed176b9
-
SHA512
6846e4fdbb91a24b41218163d99c819a276f05e57bb739e2de062186c898f40bd8b42d7217493c4cc64ddb3c968d705a835098996d0545dec4e80a724640c487
-
SSDEEP
12288:7MqFYULoWzniwtgGbl6mw/YAMOtwhF5fBqyDCnwe+:7MqFbniCgGZ6T/DMO25fzGnwd
Score
10/10
Malware Config
Extracted
Family
vidar
Version
5
Botnet
183caee054f0a0bfc81780194d9bc7cb
C2
https://t.me/versozaline
https://steamcommunity.com/profiles/76561199532186526
Attributes
-
profile_id_v2
183caee054f0a0bfc81780194d9bc7cb
-
user_agent
Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2252-59-0x0000000000400000-0x000000000048B000-memory.dmp
Headers
Sections