General
-
Target
2980-309-0x0000000000400000-0x000000000048B000-memory.dmp
-
Size
556KB
-
MD5
35f06de7c22b990f0e38f0f6c1346a36
-
SHA1
06e56de3515de44b046372b23f925b6d834fe167
-
SHA256
6b79e954bba51759c0baf56251218b6a36102297de4e4eade100111cf0bddb25
-
SHA512
124c64d05e3df32fbbea7d0de444e9801e53aa0a477cfce30481004ec4eda6ffb27ea40cad113cf19e16952e4634b31dd2e011f16e7b5abe9590d68e8da6cc63
-
SSDEEP
12288:7MqFYULoWzniwtgGbl6mw/YAMOtwhF5fBqyDCnqe+:7MqFbniCgGZ6T/DMO25fzGnqd
Score
10/10
Malware Config
Extracted
Family
vidar
Version
5
Botnet
183caee054f0a0bfc81780194d9bc7cb
C2
https://t.me/versozaline
https://steamcommunity.com/profiles/76561199532186526
Attributes
-
profile_id_v2
183caee054f0a0bfc81780194d9bc7cb
-
user_agent
Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2980-309-0x0000000000400000-0x000000000048B000-memory.dmp
Headers
Sections