General
-
Target
2224-313-0x0000000000400000-0x000000000046F000-memory.dmp
-
Size
444KB
-
MD5
9d58c56accb9c7d867c51707374bda00
-
SHA1
74546af4307e83e1d8be046e5296f8db052d118b
-
SHA256
523020192a4def2a42976c68241850a6469f25e6cab3f7d375ba50e24c189efa
-
SHA512
85ab0f2271b2a44b1efeecad9444a63b1725f90177fd1451adf7354e2cb4b8c19d38a41dcc4a14bed4954d8fb5cced338890472d4ff13ed26b54355a7cf7e78f
-
SSDEEP
6144:O2+XqGAdyvA944aSL0g7SLjxhDOfeNROhykO6J5IUUbNnA:O2+XqUvA92/gGLjzDqeNROhA6Tcn
Score
10/10
Malware Config
Extracted
Family
vidar
Version
5.2
Botnet
35aa2808fb90f9e9dac907e1be77f310
C2
https://t.me/odyssey_tg
https://steamcommunity.com/profiles/76561199541261200
Attributes
-
profile_id_v2
35aa2808fb90f9e9dac907e1be77f310
-
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.30 (KHTML, like Gecko) Chrome/115.0.1.0 Safari/537.30
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2224-313-0x0000000000400000-0x000000000046F000-memory.dmp
Headers
Sections