Overview

overview

10

Static

static

10

1868-184-0...ry.exe

windows7-x64

3

1868-184-0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1868-184-0x0000000000400000-0x000000000046C000-memory.dmp

  • Size

    432KB

  • Sample

    240305-v28mdadc94

  • MD5

    1cd15f40f8a915ee415892df90a0587c

  • SHA1

    1942d25653a4ac8b352e5488cfeeaf426fff4d46

  • SHA256

    621d66cfdf06bb370d8c4584189c8d62c814d8afc38efa993d1da25e939318c9

  • SHA512

    a377ac32a73b8441a09d9b44efcd48a87ae5b03bb15ae6a209e5f1f3886ad412786ce60bc989a8533c9054a011a85e0bd9a0c7938950b12d637adb8e3df43d63

  • SSDEEP

    6144:z66+X5aG78XAIn2RN2iy3g8UpioUb65qJfbri5bMuCV4a7SqdBFJVkShVU:z6HX5aG782ook65G/id5CV57vZVk

Score
10/10
vidarbf58e1879f88b222ba2391682babf9d8

Malware Config

Extracted

Family

vidar

Version

3.5

Botnet

bf58e1879f88b222ba2391682babf9d8

C2

https://steamcommunity.com/profiles/76561199497218285

https://t.me/tg_duckworld
Attributes
  • profile_id_v2

    bf58e1879f88b222ba2391682babf9d8

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7

Targets

    • Target

      1868-184-0x0000000000400000-0x000000000046C000-memory.dmp

    • Size

      432KB

    • MD5

      1cd15f40f8a915ee415892df90a0587c

    • SHA1

      1942d25653a4ac8b352e5488cfeeaf426fff4d46

    • SHA256

      621d66cfdf06bb370d8c4584189c8d62c814d8afc38efa993d1da25e939318c9

    • SHA512

      a377ac32a73b8441a09d9b44efcd48a87ae5b03bb15ae6a209e5f1f3886ad412786ce60bc989a8533c9054a011a85e0bd9a0c7938950b12d637adb8e3df43d63

    • SSDEEP

      6144:z66+X5aG78XAIn2RN2iy3g8UpioUb65qJfbri5bMuCV4a7SqdBFJVkShVU:z6HX5aG782ook65G/id5CV57vZVk

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks