General

  • Target

    1404-0-0x0000000001D40000-0x0000000001F7F000-memory.dmp

  • Size

    2.2MB

  • MD5

    558158e67edf2d0cbf827df610d98c93

  • SHA1

    36bf6f3cafe2899bc913389c9afcb7a38e333e35

  • SHA256

    dd3d9ecb6a8923c9c7c86d7de607283720b7997e1314bc111bd60fd55ac85557

  • SHA512

    8d6a733993f7c900ebaa7be59ba4309902992927245767659ea7ea7ad66f3482f51f34f817780b17429beccf4f97380b26c555864e15c13d4078d3ff731e456f

  • SSDEEP

    6144:LPvmF4THdfp5XHUMF2sToq2ULOVzcP4Akz:b/THJ0LscqdLZAAkz

Malware Config

Extracted

Family

vidar

Version

7.5

Botnet

79154234159e9df287ee3a3ef046857a

C2

https://t.me/bogotatg

https://steamcommunity.com/profiles/76561199621829149

Attributes

  • profile_id_v2

    79154234159e9df287ee3a3ef046857a

  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 11_3) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7

Signatures

  • Detect Vidar Stealer 1 IoCs
  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1404-0-0x0000000001D40000-0x0000000001F7F000-memory.dmp
    .exe windows:5 windows x86 arch:x86
    Headers

    Sections