General
-
Target
376-231-0x0000000000400000-0x0000000000465000-memory.dmp
-
Size
404KB
-
MD5
bf55e6a6257054a2e4180cd9734c59e9
-
SHA1
0726dae98c98604678e7edab69259a02db20c949
-
SHA256
1199e59482adfcecc703786c60ce26d8a159b161ac3a3023ce4de41942572b92
-
SHA512
3b806a7b864d8f043c97c4ae00921d5259ed3ffa68ef55e3f2720fe4c1142a2506c95cc85929a6bb61789d5d1b6d3cf5cf063056eda015eacd8b3b724ebbcf7c
-
SSDEEP
6144:fbe2Qqw3tylpe5pXj1ISI4kWuY7v3BdhZFhJaPRIzhFyjU:09y7e7myT37hZFh2RI
Score
10/10
Malware Config
Extracted
Family
vidar
Version
6
Botnet
d37c48c18c73cc0e155c7e1dfde06db9
C2
https://steamcommunity.com/profiles/76561199560322242
https://t.me/cahalgo
Attributes
-
profile_id_v2
d37c48c18c73cc0e155c7e1dfde06db9
-
user_agent
Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 uacq
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
376-231-0x0000000000400000-0x0000000000465000-memory.dmp
Headers
Sections