General
-
Target
1872-475-0x0000000000400000-0x0000000000465000-memory.dmp
-
Size
404KB
-
MD5
0b98d587392597ed942f1628520a9305
-
SHA1
285cf0eee8c6b85a8f4b5b0819b6c32aeda4d566
-
SHA256
6ef41b6a5b6b13ff4fa67040c57f75ba2e765d646d5c1f122671bef9d1beb63d
-
SHA512
f9653fa0a78fc88d5dfcdca6b37771828070d440aa321319d5a8cc3dde06d817081638602ae136e8792dfc6dcd11393354ebec8ae5b13aa0b13da6b37cf3c1bb
-
SSDEEP
6144:OisujIl/IUezxowQpnI4+4uiNIGnRf+xmKZRDZqvhZvdzr:Opn/085AyRf+xHDZqzd
Score
10/10
Malware Config
Extracted
Family
vidar
Version
5.7
Botnet
5c0b4a12d6c03dd98ed431d3eded2169
C2
https://steamcommunity.com/profiles/76561199553369541
https://t.me/dastanatg
Attributes
-
profile_id_v2
5c0b4a12d6c03dd98ed431d3eded2169
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_8) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.7 Safari/605.1.75
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1872-475-0x0000000000400000-0x0000000000465000-memory.dmp
Headers
Sections