General
-
Target
2336-2-0x0000000000400000-0x0000000000509000-memory.dmp
-
Size
1.0MB
-
MD5
937a860d4d2a0ec6685a751fc580034b
-
SHA1
ae0c2c024bb82d7cae73723dd37ee1ab17e1d939
-
SHA256
149ed2e6fcc756ba18285177de61a96f2f9d50da1dec9c4a6b2262c5b7c0b818
-
SHA512
8ed65ac0729ea22bdf454a98f12b4ebe6561c2d22663f767aae2a8459a65de1939981f692a0161c04b97cfed4ba213094fc1f50b0babc6afea52923e4b8bbd84
-
SSDEEP
6144:qZ4ZJ7oMzXpdF2AX2RvzI4TJu1lnTZc4Gx1HOh2P2Tbno:qa8wpCRv9MnTZc4Gx1HLGbo
Score
10/10
Malware Config
Extracted
Family
vidar
Version
6.3
Botnet
8036442451e00fa27a235c4a80cbfb3c
C2
https://steamcommunity.com/profiles/76561199566884947
https://t.me/octobrains
Attributes
-
profile_id_v2
8036442451e00fa27a235c4a80cbfb3c
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:110.0) Gecko/20100101 Firefox/119.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2336-2-0x0000000000400000-0x0000000000509000-memory.dmp
Headers
Sections