General

  • Target

    2884-39-0x00000000037F0000-0x0000000003A39000-memory.dmp

  • Size

    2.3MB

  • MD5

    79992b0b433bd26644833d85e7d39d99

  • SHA1

    cdbc047390ea7512b164aae525db785f8d978597

  • SHA256

    16b641c41286298835a00ef93dffd252212f35435cd8e596279845af6f32950a

  • SHA512

    a27395eaff1eebf347d57d15d5ba774ee006fe2f0f41876fe8f52388d7753b0ebf98d9e31b3d6a550393071e45bc7d8f9b9bd0f4263dbb63c0c68e7e15c0e0c6

  • SSDEEP

    3072:c8Hl7CB6+a2xl03Ae1yul0oQwQGfmdYxM+sDwoLGC1Qy2pU8ERlJ7K24Mb:cQCM+Txawe8uiodwdGsDmpA6zo

Malware Config

Extracted

  • Family

    vidar

  • Version

    8

  • Botnet

    aa3c310e32508589af60151f2ff4d994

  • C2

    https://steamcommunity.com/profiles/76561199644883218
    https://t.me/neoschats

Attributes

  • profile_id_v2

    aa3c310e32508589af60151f2ff4d994

  • user_agent

    Mozilla/5.0 (Linux; Android 11; M2102J20SG) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Mobile Safari/537.36 EdgA/97.0.1072.78

Signatures

  • Detect Vidar Stealer 1 IoCs
  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2884-39-0x00000000037F0000-0x0000000003A39000-memory.dmp

    .exe windows:5 windows x86 arch:x86

    Headers

    Sections