General

  • Target

    5076-525-0x0000000000400000-0x000000000046C000-memory.dmp

  • Size

    432KB

  • MD5

    1cabffa78cc787dde3ee03a79ddd246f

  • SHA1

    b12a29455aa542bd0dc123378418e28182257eeb

  • SHA256

    ed0a443b2be09275b5eb6892d6ca9403cc8c6498cdfbc65e1608690cb4de0338

  • SHA512

    0e67fb370fb37f641def9cc02d8e017b8723705bf88a5d3b0a74f81d1bdacf8979b97d59ba3a857231573d5b7e7c5d6c169ea1fdf9f98996fa2440909dd211ce

  • SSDEEP

    6144:7uQRHexuieV+IiVN3f9MY8DWGUQOElBtObJV9DKhoCYjItjCNhul:7uQRHexuieQ/EbYbxDKKpItjCK

Malware Config

Extracted

  • Family

    vidar

  • Version

    3.2

  • Botnet

    5df88deb5dde677ba658b77ad5f60248

  • C2

    https://steamcommunity.com/profiles/76561199489580435
    https://t.me/tabootalks

Attributes

  • profile_id_v2

    5df88deb5dde677ba658b77ad5f60248

  • user_agent

    Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 OPR/91.0.4516.79

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5076-525-0x0000000000400000-0x000000000046C000-memory.dmp
    .exe windows:5 windows x86 arch:x86
