General
-
Target
4152-531-0x0000000000400000-0x000000000048B000-memory.dmp
-
Size
556KB
-
MD5
e7ca7151ba5370466dde0df0c2df5eb9
-
SHA1
a8aa696801584cee76823cbe9932c725a5947d51
-
SHA256
5d9b151b521e23eb40ac15c79b3a5ad638a83b8e5c5c6f940df036dc1014c33f
-
SHA512
f01a9d6e67d3df805438c7ad7ad28c06f8e6d4fa297fa0c2394620ef734943fc156044f7a6f6c5d37894bf4bc8a03b2f1cd20af2ebd6185274dc71565e63a1d7
-
SSDEEP
12288:7MqFYULoWzniwtgGbl6mw/YAMOtwhF5KBqyDCn/e+:7MqFbniCgGZ6T/DMO25KzGn/d
Score
10/10
Malware Config
Extracted
Family
vidar
Version
5
Botnet
183caee054f0a0bfc81780194d9bc7cb
C2
https://t.me/versozaline
https://steamcommunity.com/profiles/76561199532186526
Attributes
-
profile_id_v2
183caee054f0a0bfc81780194d9bc7cb
-
user_agent
Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4152-531-0x0000000000400000-0x000000000048B000-memory.dmp
Headers
Sections