General

  • Target

    1680-2-0x0000000000400000-0x0000000000465000-memory.dmp

  • Size

    404KB

  • MD5

    9cc55627b3b3d67a801c6c64650cc6d3

  • SHA1

    0d4b46a5009b24d5a13304b285f691e9bd26ad51

  • SHA256

    00b966e5c317b05815b11e4decbed2ad9884d0c4e6e40a6675c6ba2676874056

  • SHA512

    c6105b549781fc553f20e9dc59826dae814cb05507c73d8edb43d2d892cdebcddcf8ace6329a6af49f0367b1281722ba8c67b6fa9508afe42b3328e063c54c61

  • SSDEEP

    6144:CmTK+XavNsTl/UUa5PI4AFuGIe/EH1/ROwpQ6hOY4Q6:CYTZoh0EH1/ROweF

Malware Config

Extracted

  • Family

    vidar

  • Version

    5.8

  • Botnet

    c2abfb0e7157a4fe8c1096547c466cbb

  • C2

    https://steamcommunity.com/profiles/76561199555780195

    https://t.me/solonichat

  • Attributes

    • profile_id_v2

      c2abfb0e7157a4fe8c1096547c466cbb

    • user_agent

      Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.0.0 Safari/537.36

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1680-2-0x0000000000400000-0x0000000000465000-memory.dmp
    .exe windows:5 windows x86