General

  • Target

    1600-274-0x0000000000400000-0x00000000005CE000-memory.dmp

  • Size

    1.8MB

  • MD5

    dde98de9112e04abdb005a13e8a6412d

  • SHA1

    17d71999f33b9f4ed7a24a59f1bb72c211167174

  • SHA256

    08282a6e5597ef45674addd0935f337890c45c26fe21ad70d78951d0a7c1eb1f

  • SHA512

    546970a360cce5a572d05b925bf32af3f7f069ef76a89d825ef2f1912317e101e4492ab05a9ba6c9d89befd96327d6c0017d8591d980a1f6fe0cfa2c2582e0f6

  • SSDEEP

    6144:Rbe2Qqw3tylpe5pXj1ISI4kWuY7v3BdhZFhMaPR/zhFyaU:O9y7e7myT37hZFh7R/

Malware Config

Extracted

Family

vidar

Version

6

Botnet

5a1fadccb27cfce506dba962fc85426d

C2

https://steamcommunity.com/profiles/76561199560322242

https://t.me/cahalgo

Attributes

  • profile_id_v2

    5a1fadccb27cfce506dba962fc85426d

  • user_agent

    Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 uacq

Signatures

  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1600-274-0x0000000000400000-0x00000000005CE000-memory.dmp
    .exe windows:5 windows x86