General

  • Target

    3596-382-0x0000000000400000-0x0000000000471000-memory.dmp

  • Size

    452KB

  • MD5

    80766ec175f02596fd50f873aca57d96

  • SHA1

    6689b11d00486559b719a2af3db68924fe3e53ba

  • SHA256

    c174459b60db2c20d6f5cb5e5dd60bef29e7e6f179e29dcda02d1b9ffc9b5e9b

  • SHA512

    e91028e54daeae99afbc8a1b8e1c6242e573a6c228c4fd948a901aadcb26f56985c49f8ce7513bc89d4f1c73f835ff6e7ed68b2f785029ce20bc805bc5b0172d

  • SSDEEP

    6144:WNvC1zqSQz/E+KM9Lys1WIQuWyV3EszeC+SjtSAUKOIbyC:WNvC1zqjETs1z/hVBzeC+SjIbIby

Malware Config

Extracted

  • Family

    vidar

  • Version

    5.4

  • Botnet

    25f5344bfcb62e75b7946c3a681aec54

  • C2

    https://t.me/vogogor

    https://steamcommunity.com/profiles/76561199545993403

Attributes
  • profile_id_v2

    25f5344bfcb62e75b7946c3a681aec54

  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.2.13 (KHTML, like Gecko) Version/16.5.2 Safari/605.2.13

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3596-382-0x0000000000400000-0x0000000000471000-memory.dmp
    .exe windows x86