General
-
Target
2172-578-0x0000000000400000-0x0000000000465000-memory.dmp
-
Size
404KB
-
MD5
2b4c3b0d10a5870205218c93b828b868
-
SHA1
a203e201fdf8ee2e5887d7eb12d28445f4d07c53
-
SHA256
e672a889af024c7d3ad2a2e73083b4b615f580279b0a5fc5b29e23fedbff4c79
-
SHA512
d598dc09d5253cd2bbfd82b323bbc6d8088268604c748034ccd7bb702af8cc37d580ffa5d84c6a334739680a8317ece82dad0de313307567259b49ff2e5c3860
-
SSDEEP
6144:JmTK+XavNsTl/UUa5PI4AFuGIe/EH1/R6wkQ6hOY6di6:JYTZoh0EH1/R6wTF5
Score
10/10
Malware Config
Extracted
Family
vidar
Version
5.8
Botnet
be957cbbdc7ee5ad3ee6c696b5eb3079
C2
https://steamcommunity.com/profiles/76561199555780195
https://t.me/solonichat
Attributes
-
profile_id_v2
be957cbbdc7ee5ad3ee6c696b5eb3079
-
user_agent
Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.0.0 Safari/537.36
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2172-578-0x0000000000400000-0x0000000000465000-memory.dmp
Headers
Sections