General

  • Target

    2044-56-0x0000000000400000-0x000000000081A000-memory.dmp

  • Size

    4.1MB (0x81A000 - 0x400000 = 0x41A000 = 4,300,800 bytes, i.e. the entire dumped region, consistent with the address range in the target name)

  • MD5

    4f49cadba8bcdf30e8f4ec022476ec86

  • SHA1

    7db5ed5c9de6b4598763a67e5df6e6e6a8ca0b09

  • SHA256

    9532dd864fb27b0df6becf4c0af58b93ef383856724f51b22fa43e53cd52121e

  • SHA512

    417be2538354ff9b8f3df746e87dfc6884c9b7c76b8afaddd0f9d3f56f3c4c01b2854e1c34bea73aa915d8c2f382d7560c982454f4ec7f5c20bb84f4fbd97fc2

  • SSDEEP

    6144:EbbD2RXh9KD7EvVkr0evEcZ7/CUqjfgQlVumr/VRXL0chXfoucWRfq:EbuRX6D7ENiKUqDgYumrdRXL0+NR

Malware Config

Extracted

Family

vidar

Version

3.6

Botnet

78489afd9d9a4747beb445e5fb5b9c96

C2

https://steamcommunity.com/profiles/76561199499188534

https://t.me/nutalse

Note: both URLs are dead-drop resolvers, not the stealer's actual C2. Vidar fetches a public Steam profile and a Telegram channel page and extracts the real C2 address from the profile name or channel description, so the live C2 can be rotated without touching the sample. Block and monitor these URLs, but pivot to the resolved address for network detection.

Attributes
  • profile_id_v2

    78489afd9d9a4747beb445e5fb5b9c96

  • user_agent

    Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
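The following is an added example, not part of the Triage report and not Vidar's own code. It shows how an analyst can resolve the two dead-drop URLs above offline: it pulls the Steam persona name and the Telegram channel description out of page HTML and extracts any URL or IPv4 address found there. The HTML snippets are constructed, the IP addresses are from documentation ranges, the element classes `actual_persona_name` and `tgme_page_description` are assumptions about the current page markup, and no family-specific delimiter format is assumed (real samples wrap the address in markers that vary between versions, so the extractor deliberately does not hardcode one). The report's own user agent is reused for the optional live fetch.

```python
"""Added example: resolve Vidar-style dead-drop pages to candidate C2 addresses (offline)."""
import html
import re
import urllib.request

# User agent as listed in the extracted config, so a fetch looks like the sample's own traffic.
REPORT_USER_AGENT = ("Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 "
                     "(KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36")

# Constructed sample pages standing in for the two resolver URLs in the report.
STEAM_SAMPLE = """<html><head><title>Steam Community :: |203.0.113.45|</title></head>
<body><div class="profile_header"><span class="actual_persona_name">|203.0.113.45|</span></div>
</body></html>"""
TELEGRAM_SAMPLE = """<html><body><div class="tgme_page_description" dir="auto">https://198.51.100.7/</div>
</body></html>"""

# Assumed page markup (verify against a live page before relying on it).
STEAM_NAME = re.compile(r'<span class="actual_persona_name">(.*?)</span>', re.S)
TG_DESC = re.compile(r'<div class="tgme_page_description[^"]*"[^>]*>(.*?)</div>', re.S)
URL = re.compile(r"https?://[^\s\"'<>|]+")
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def resolve_dead_drop(page_html, kind):
    """Return candidate C2 strings found in the resolver field of a Steam or Telegram page.

    URLs are returned first; bare IPv4 addresses are added only when they are not already
    part of a returned URL. Any surrounding delimiters are left to the analyst to interpret.
    """
    pattern = STEAM_NAME if kind == "steam" else TG_DESC
    m = pattern.search(page_html)
    if not m:
        return []
    field = html.unescape(re.sub(r"<[^>]+>", "", m.group(1)))  # drop inner tags, decode entities
    urls = URL.findall(field)
    ips = [ip for ip in IPV4.findall(field) if not any(ip in u for u in urls)]
    return urls + ips


def fetch_page(url, timeout=15):
    """Live fetch using the sample's user agent (only call this from an analysis network)."""
    req = urllib.request.Request(url, headers={"User-Agent": REPORT_USER_AGENT})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8", "replace")


if __name__ == "__main__":
    print("steam    ->", resolve_dead_drop(STEAM_SAMPLE, "steam"))
    print("telegram ->", resolve_dead_drop(TELEGRAM_SAMPLE, "telegram"))
```

Run the resolution from an isolated analysis host; the fetch itself is an observable that the operator can notice, and the resolved address is what belongs in egress blocklists and network detections alongside the two resolver URLs.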

Signatures

  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature. This hit is expected for the target: it is a dump of the mapped image, and an Authenticode signature lives in the file's overlay, referenced by a raw file offset in the security data directory, which is not part of the mapped image. The result says nothing about whether the on-disk dropper was signed.

Files

  • 2044-56-0x0000000000400000-0x000000000081A000-memory.dmp
    .exe windows:5 windows x86 arch:x86


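The following is an added example, not part of the Triage report. It performs the checks an analyst would run before trusting this artifact: it parses the dump name into PID and address range and confirms the range matches the reported size, verifies the listed hashes against file contents, and explains the "Unsigned PE" hit by locating the PE security data directory and checking whether the bytes it references are even inside the dump. The dump-name layout (`<pid>-<n>-0x<start>-0x<end>-memory.dmp`, with the second field treated as an opaque sequence number) is an assumption about Triage naming, and the PE image used in the demo is constructed in the code, so everything runs offline.

```python
"""Added example: sanity checks for a Triage memory dump and its 'Unsigned PE' signature."""
import hashlib
import re
import struct

# Hashes exactly as listed in the report for the real dump.
REPORT_HASHES = {
    "md5": "4f49cadba8bcdf30e8f4ec022476ec86",
    "sha1": "7db5ed5c9de6b4598763a67e5df6e6e6a8ca0b09",
    "sha256": "9532dd864fb27b0df6becf4c0af58b93ef383856724f51b22fa43e53cd52121e",
}

# Assumed Triage dump-name layout; the second field is treated as an opaque sequence number.
DUMP_NAME = re.compile(
    r"^(?P<pid>\d+)-(?P<seq>\d+)-0x(?P<start>[0-9a-fA-F]+)-0x(?P<end>[0-9a-fA-F]+)-memory\.dmp$")


def parse_dump_name(name):
    m = DUMP_NAME.match(name)
    if not m:
        raise ValueError("not a Triage memory dump name: %r" % name)
    start, end = int(m["start"], 16), int(m["end"], 16)
    return {"pid": int(m["pid"]), "seq": int(m["seq"]), "start": start, "end": end,
            "size": end - start}


def size_matches_report(info, reported_mb):
    """Triage rounds to one decimal in MiB; the dump should cover exactly the named range."""
    return round(info["size"] / 2 ** 20, 1) == reported_mb


def hashes_match(data, expected):
    """Per-algorithm comparison of file contents against the report's hashes."""
    return {alg: hashlib.new(alg, data).hexdigest() == digest.lower()
            for alg, digest in expected.items()}


def security_directory(data):
    """(offset, size) of IMAGE_DIRECTORY_ENTRY_SECURITY, or None if data is not a parseable PE."""
    try:
        if data[:2] != b"MZ":
            return None
        e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
        if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            return None
        opt = e_lfanew + 4 + 20                      # skip signature and COFF header
        magic = struct.unpack_from("<H", data, opt)[0]
        dd = {0x10B: 96, 0x20B: 112}.get(magic)      # data-directory offset for PE32 / PE32+
        if dd is None:
            return None
        if struct.unpack_from("<I", data, opt + dd - 4)[0] <= 4:   # NumberOfRvaAndSizes
            return None
        return struct.unpack_from("<II", data, opt + dd + 4 * 8)   # entry index 4 = SECURITY
    except struct.error:
        return None


def authenticode_state(data):
    """The security entry is a raw file offset into the overlay, which is never mapped, so a
    dump of the in-memory image is expected to report 'unsigned' even for a signed binary."""
    entry = security_directory(data)
    if entry is None:
        return "not-a-pe"
    off, size = entry
    if size == 0:
        return "unsigned"
    if off + size > len(data):
        return "signature-not-in-dump"
    return "signature-bytes-present"   # offset is file-relative; in a dump this can be coincidence


def build_sample_pe(sec_off=0, sec_size=0):
    """Constructed minimal PE32 image (no sections) with a chosen security directory entry."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                       # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x102)  # i386, 224-byte optional header
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                         # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                           # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 4 * 8, sec_off, sec_size)   # SECURITY directory
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    info = parse_dump_name("2044-56-0x0000000000400000-0x000000000081A000-memory.dmp")
    print(info, "size ok:", size_matches_report(info, 4.1))
    print("unsigned sample   :", authenticode_state(build_sample_pe()))
    print("overlay outside   :", authenticode_state(build_sample_pe(0x41A000, 0x1000)))
```

To check the real artifact, read the dump with `open(path, "rb").read()` and pass it to `hashes_match(data, REPORT_HASHES)` and `authenticode_state(data)`; a `signature-not-in-dump` or `unsigned` result is the normal outcome for a memory dump and should not be read as a statement about the original file.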