General
-
Target
2020-3-0x0000000000400000-0x0000000001A33000-memory.dmp
-
Size
22.2MB
-
MD5
3ded4e9cd76939c7662ba0c9429a56ef
-
SHA1
ca27e4cd72afc9a765153f4db01bbde8cea01b81
-
SHA256
b4c37d8363e4433efa6811eb0e3f1ee63d221ed7ad3fa9ca3a22dfcfcda7d46b
-
SHA512
44df9a441f8e15af4a82396795f1dc7d5914672a39226d4eebde59876e5aee046cf47b2c779a7b92a46c8c35245cf52e9c6345213e4e1b0fd0bac24fd7d2eaa9
-
SSDEEP
3072:k4Bx51WWmJJISOp3Bw/iTGwghyB7vC4bfd3uDR4nTNywp8ERlJ7K+VLXye87xf/g:lAWyuSO1BwaqwT3f4DiTNtb6+9Xyekx
Malware Config
Extracted
vidar
8
ab8ba484d8a6c9be7d043c05bea0aa9f
https://t.me/neoschats
https://steamcommunity.com/profiles/76561199644883218
-
profile_id_v2
ab8ba484d8a6c9be7d043c05bea0aa9f
-
user_agent
Mozilla/5.0 (Linux; Android 11; M2102J20SG) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Mobile Safari/537.36 EdgA/97.0.1072.78
Signatures
-
Detect Vidar Stealer 1 IoCs
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2020-3-0x0000000000400000-0x0000000001A33000-memory.dmp
Headers
Sections