General
-
Target
2220-550-0x0000000000400000-0x0000000000465000-memory.dmp
-
Size
404KB
-
MD5
4cfad9e4d5aeab1039b7bc5328b29768
-
SHA1
fecfada00793fcfe996039b43a71feb17da94def
-
SHA256
600e95006b3bc4e6d80b801c4107e3ac4697625ba1195ec54c761a4ef5a07869
-
SHA512
09b93070e9e33357e5294de029c24404d13724076c8b67b76d8f0d174f43de9bf7a163959319199866c3a62b5b2561947b2eddbf90b1daf1389500f4be7e3f00
-
SSDEEP
6144:OisujIl/IUezxowQpnI4+4uiNIGnRf+xmcZRDZqvhZvwVP:Opn/085AyRf+xhDZqzw
Score
10/10
Malware Config
Extracted
Family
vidar
Version
5.7
Botnet
5c0b4a12d6c03dd98ed431d3eded2169
C2
https://steamcommunity.com/profiles/76561199553369541
https://t.me/dastanatg
Attributes
-
profile_id_v2
5c0b4a12d6c03dd98ed431d3eded2169
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_8) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.7 Safari/605.1.75
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2220-550-0x0000000000400000-0x0000000000465000-memory.dmp
Headers
Sections