General

  • Target

    1120-57-0x0000000000400000-0x00000000009E7000-memory.dmp

  • Size

    5.9MB

  • MD5

    6f1e895d3253998c756e9b78d971461d

  • SHA1

    5e10142dab286afcf7421f1cc0cabcd605b59611

  • SHA256

    e0d50e0feb5aab7dcf40779fc6780a041da12b3c0fd86050a3e4a8f697faf62c

  • SHA512

    d629f12b53e636c46d23344007db3191f451698efe8cc51e51a98362bc1333c848a69ee9b3c0ffcf30edf3ff3e26577adbaaddbf667d9af64e654a5682ae67e6

  • SSDEEP

    98304:+h68yQKqD+LvXE8yuMJoJ8Z+YR+bNMDSSEgFQhUMv/p+W5V5rbyo:G68qqyIu9BfHS5h0++byo

Malware Config

Extracted

Family

vidar

Version

3.4

Botnet

e40ad4c5b22b318115fadbcdb4b6637a

C2

https://steamcommunity.com/profiles/76561199494593681

https://t.me/auftriebs

Attributes
  • profile_id_v2

    e40ad4c5b22b318115fadbcdb4b6637a

  • user_agent

    Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0
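The two C2 entries above are not the stealer's backend. Vidar uses a Steam profile and a Telegram channel as dead-drop resolvers: the real C2 address is published in the profile's display name or the channel's description, and the sample fetches those pages (with the user_agent listed above) to learn where to report. The resolver below is an added example, not code from this report or from the sample, showing how an analyst can pull that address offline from saved copies of the pages. The markup it keys on (Steam's actual_persona_name span, Telegram's tgme_page_description div), the helper names, and the three page bodies, written with TEST-NET-3 addresses, are assumptions constructed for this example.

```python
import html
import ipaddress
import re
from urllib.parse import urlparse

# Assumptions, not taken from the report: the field names below follow
# public Vidar write-ups; the page bodies at the bottom are constructed.
STEAM_NAME_RE = re.compile(r'<span class="actual_persona_name">(.*?)</span>', re.S)
TG_DESC_RE = re.compile(r'<div class="tgme_page_description[^"]*"[^>]*>(.*?)</div>', re.S)
# An optional scheme, then either a dotted quad or a hostname with an
# alphabetic TLD, then an optional :port. Text like "v1.0" does not match.
HOST_RE = re.compile(
    r'(?:https?://)?'
    r'(\d{1,3}(?:\.\d{1,3}){3}|[a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,})'
    r'(?::(\d{1,5}))?',
    re.I,
)


def _strip_tags(fragment):
    """Drop inline tags (<br/>, <a>) and decode entities so HOST_RE sees plain text."""
    return html.unescape(re.sub(r'<[^>]+>', ' ', fragment))


def _field_for(dead_drop_url):
    """Pick the page field that carries the real C2 for this dead-drop host."""
    host = urlparse(dead_drop_url).netloc.lower()
    if host.endswith('steamcommunity.com'):
        return STEAM_NAME_RE
    if host == 't.me':
        return TG_DESC_RE
    raise ValueError('not a known dead-drop host: %s' % host)


def extract_c2(dead_drop_url, page_html):
    """Return 'host' or 'host:port' found in the dead-drop field, else None.

    A legitimate profile whose display name holds no host resolves to None,
    which is how a benign page differs from a dead drop.
    """
    m = _field_for(dead_drop_url).search(page_html)
    if not m:
        return None
    text = _strip_tags(m.group(1))
    for h in HOST_RE.finditer(text):
        host, port = h.group(1), h.group(2)
        if re.fullmatch(r'\d{1,3}(?:\.\d{1,3}){3}', host):
            try:
                ipaddress.ip_address(host)  # rejects 999.1.1.1 and similar
            except ValueError:
                continue
        if port is not None and not 0 < int(port) < 65536:
            continue
        return host if port is None else '%s:%s' % (host, port)
    return None


# Constructed page bodies for the example (not captured traffic).
STEAM_PAGE = (
    '<html><body><div class="profile_header">'
    '<span class="actual_persona_name">http://203.0.113.5/</span>'
    '</div></body></html>'
)
TELEGRAM_PAGE = (
    '<div class="tgme_page_description" dir="auto">'
    'about &amp; news<br/>https://203.0.113.10:8080/</div>'
)
BENIGN_STEAM_PAGE = '<span class="actual_persona_name">SomeGamer v1.0</span>'

if __name__ == '__main__':
    for url, page in (
        ('https://steamcommunity.com/profiles/76561199494593681', STEAM_PAGE),
        ('https://t.me/auftriebs', TELEGRAM_PAGE),
        ('https://steamcommunity.com/profiles/76561199494593681', BENIGN_STEAM_PAGE),
    ):
        print(url, '->', extract_c2(url, page))
```

Fetch the live pages from an isolated host, with the user_agent string from the config if you want the request to look like the sample's, and feed the saved HTML to extract_c2; the resolved host, not the Steam or Telegram URL, is the indicator worth blocking and hunting for.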

Signatures

  • Vidar family
  • Unsigned PE 1 IoC

    Checks for missing Authenticode signature. Note that the target is a memory dump of a mapped image (pid 1120, 0x400000-0x9E7000). The Authenticode certificate table is an overlay addressed by raw file offset and is never mapped into the process, so a dumped image has no signature even when the file on disk was signed; treat this hit as expected for a dump rather than as evidence on its own.
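As an added example, not part of the report, the following pure-Python check reproduces what the Unsigned PE signature tests: whether the Security data directory (entry 4) of the PE optional header is empty. It also parses the address range in the dump's filename and compares it with the header's ImageBase and SizeOfImage, which is the quick sanity check that a dump covers one whole mapped image. The PE it inspects is constructed inline to mirror the report's values (x86, image base 0x400000, SizeOfImage 0x5E7000, which is the 5.9MB dump range); the helper names are this example's own.

```python
import re
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
MACHINES = {0x14C: 'x86', 0x8664: 'x64'}


def pe_summary(data):
    """Parse DOS, COFF and optional headers; report whether a certificate table exists."""
    if data[:2] != b'MZ':
        raise ValueError('missing MZ header')
    e_lfanew = struct.unpack_from('<I', data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b'PE\0\0':
        raise ValueError('missing PE signature')
    coff = e_lfanew + 4
    machine, nsections, _ts, _sym, _nsym, opt_size, _chars = struct.unpack_from('<HHIIIHH', data, coff)
    opt = coff + 20
    magic = struct.unpack_from('<H', data, opt)[0]
    if magic == 0x10B:                                   # PE32
        image_base = struct.unpack_from('<I', data, opt + 28)[0]
        ndirs_off, dirs_off = 92, 96
    elif magic == 0x20B:                                 # PE32+ (8-byte ImageBase)
        image_base = struct.unpack_from('<Q', data, opt + 24)[0]
        ndirs_off, dirs_off = 108, 112
    else:
        raise ValueError('unknown optional header magic 0x%x' % magic)
    size_of_image = struct.unpack_from('<I', data, opt + 56)[0]
    ndirs = struct.unpack_from('<I', data, opt + ndirs_off)[0]
    # The Security entry holds a raw file offset (not an RVA) and a size;
    # a signed file has a non-zero size here. In a memory dump the overlay
    # it points to is not mapped, so this is zero for dumps as a rule.
    sec_off = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY and opt_size >= dirs_off + 8 * (IMAGE_DIRECTORY_ENTRY_SECURITY + 1):
        sec_off, sec_size = struct.unpack_from(
            '<II', data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    return {
        'machine': MACHINES.get(machine, hex(machine)),
        'sections': nsections,
        'image_base': image_base,
        'size_of_image': size_of_image,
        'security_dir': (sec_off, sec_size),
        'signed': sec_size != 0,
    }


def dump_range(name):
    """Parse '<pid>-<n>-0x<start>-0x<end>-memory.dmp' into (start, end, size)."""
    m = re.search(r'0x([0-9a-f]+)-0x([0-9a-f]+)', name, re.I)
    if not m:
        raise ValueError('no address range in %s' % name)
    start, end = int(m.group(1), 16), int(m.group(2), 16)
    return start, end, end - start


def image_matches_dump(info, name):
    """True when the dump range is exactly one mapped image: base and size agree."""
    start, _end, size = dump_range(name)
    return info['image_base'] == start and info['size_of_image'] == size


def build_min_pe32(image_base=0x400000, size_of_image=0x5E7000, cert_size=0):
    """Constructed minimal PE32 header blob for the example (no sections, no code)."""
    dos = bytearray(0x80)
    dos[:2] = b'MZ'
    struct.pack_into('<I', dos, 0x3C, 0x80)              # e_lfanew
    coff = struct.pack('<HHIIIHH', 0x14C, 2, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into('<H', opt, 0, 0x10B)                # PE32 magic
    struct.pack_into('<I', opt, 28, image_base)
    struct.pack_into('<I', opt, 56, size_of_image)
    struct.pack_into('<I', opt, 92, 16)                  # NumberOfRvaAndSizes
    struct.pack_into('<II', opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     0x1000 if cert_size else 0, cert_size)
    return bytes(dos) + b'PE\0\0' + coff + bytes(opt)


if __name__ == '__main__':
    target = '1120-57-0x0000000000400000-0x00000000009E7000-memory.dmp'
    info = pe_summary(build_min_pe32())
    print(info)
    print('dump range covers one image:', image_matches_dump(info, target))
```

Run pe_summary over the real dump bytes instead of build_min_pe32() to get the same verdict the sandbox reports; when 'signed' is False on a dump, go back to the on-disk dropper to check its signature, since the dump cannot tell you either way.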

Files

  • 1120-57-0x0000000000400000-0x00000000009E7000-memory.dmp
    .exe windows:5 windows x86 arch:x86