Overview

overview

10

Static

static

10

2164-3-0x0...ry.exe

windows7-x64

1

2164-3-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2164-3-0x0000000000400000-0x00000000007D6000-memory.dmp

  • Size

    3.8MB

  • MD5

    329e8eb295c9a3bdfe7a3885f8cb628d

  • SHA1

    9c47ca5dad1847dbf421b946d6607d65722eed67

  • SHA256

    d4078790d73527393741561b9cb5d88bb0470590b2828707bc938d2a31bddc1f

  • SHA512

    726618b31b28af91bdadf66cff4042d0937477d15aaa712cd6d2e699ef1ac2b40b00669bfe7b7019f522610c1b8ff4081e99d9e8cec4344d97b9df06de19d63c

  • SSDEEP

    6144:wRPMRDHFORSboTYtwE826I4W5uQrOXmC/F9ZUiqaEVLhLZlu5:3TgY1826tWC99ZUiqaEVno

Score
10/10
ecfea5e785cf6eb1f47a5865492bbbb3vidar

Malware Config

Extracted

Family

vidar

Version

6.2

Botnet

ecfea5e785cf6eb1f47a5865492bbbb3

C2

https://steamcommunity.com/profiles/76561199564671869

https://t.me/scubytale
Attributes
  • profile_id_v2

    ecfea5e785cf6eb1f47a5865492bbbb3

  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 OPR/104.0.0.0

Signatures

  • Vidar family
    vidar
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2164-3-0x0000000000400000-0x00000000007D6000-memory.dmp
    .exe windows:5 windows x86


    Headers

    Sections