General
-
Target
3916-408-0x0000000000400000-0x000000000046F000-memory.dmp
-
Size
444KB
-
MD5
2982da0d8faaa0c60e91d2b2ce7d85f0
-
SHA1
694613e5d8a3cdb648bed2de641014abc3778200
-
SHA256
a3df740d295a677b7749cde1f2bbe074bd45209edf333f7e7d539b793ebc30a8
-
SHA512
9c46722dd607158c7a5cde58a877b886bd0d2dd13f740c7fa523115bd21f284aa0ecfd8bf077eece220b704338eb3ec4fad084eeb0bcf6d902c1ccf8a8d0e29a
-
SSDEEP
6144:O2+XqGAdyvA944aSL0g7SLjxhDOfeNROhXkO6J5IUUZcA:O2+XqUvA92/gGLjzDqeNROhl6TR
Score
10/10
Malware Config
Extracted
Family
vidar
Version
5.2
Botnet
35aa2808fb90f9e9dac907e1be77f310
C2
https://t.me/odyssey_tg
https://steamcommunity.com/profiles/76561199541261200
Attributes
-
profile_id_v2
35aa2808fb90f9e9dac907e1be77f310
-
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.30 (KHTML, like Gecko) Chrome/115.0.1.0 Safari/537.30
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3916-408-0x0000000000400000-0x000000000046F000-memory.dmp
Headers
Sections