General

  • Target

    1716-2-0x0000000000400000-0x0000000002459000-memory.dmp

  • Size

    32.3MB

  • MD5

    a5bcb0fea0623a8236796a0057fcf43d

  • SHA1

    f6b2838fe07b995ead588426e85107db1847a18d

  • SHA256

    17493c5ef3ce41f581b65cf5965dbcf00ab203083aa160bc3cf863050da9b82d

  • SHA512

    91e66e6aa2ddcb3d6fe906710017cd017f34f49cb7c08477bae567679fb21cfa263f733543a3370c1e6eb81c5b975cba47c8f580138ec53b49d9f4a0b2c506ca

  • SSDEEP

    12288:sNvC1zqjETs1z/hVBzeC+SBIPIbya8kE65:MvnQTs1zhnzTSguzkF

Malware Config

Extracted

  • Family

    vidar

  • Version

    5.4

  • Botnet

    f26a028da947f0a9bb576593a02e83d1

  • C2

    https://t.me/vogogor

    https://steamcommunity.com/profiles/76561199545993403

Attributes
  • profile_id_v2

    f26a028da947f0a9bb576593a02e83d1

  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.2.13 (KHTML, like Gecko) Version/16.5.2 Safari/605.2.13

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1716-2-0x0000000000400000-0x0000000002459000-memory.dmp
    .exe windows x86
