General
-
Target
2856-60-0x0000000000400000-0x000000000046F000-memory.dmp
-
Size
444KB
-
MD5
89418234c8d3ef01885b16d2418009a5
-
SHA1
b5b6d889a20b8550f721e50dc8a10915d08af0d7
-
SHA256
2502141d29a5836a61f5cf42ddedecfdc2da928488e5087183384a6fcbf4abc7
-
SHA512
cb373caaa0a8688ee703d467817faa54fa85c5c8f2ac56971adbca93de0fcb394f3511cf5abb12134ad5ba22fb18d754eddff433bca5cf058c9bde5475d28813
-
SSDEEP
6144:WQSHG5PqPjoYT0ZQEcZ5mHeZyiubIV5muWbYF4krz3ttUfB:W1HG549Wcfm+ZYIV5muWbI4krzdI
Score
10/10
Malware Config
Extracted
Family
vidar
Version
5.3
Botnet
974b0402eb06bfc59c13e30e8683b76c
C2
https://t.me/buukcay
https://steamcommunity.com/profiles/76561199544211655
Attributes
-
profile_id_v2
974b0402eb06bfc59c13e30e8683b76c
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2856-60-0x0000000000400000-0x000000000046F000-memory.dmp
Headers
Sections