General

  • Target

    2000-56-0x0000000000400000-0x0000000000479000-memory.dmp

  • Size

    484KB

  • MD5

    78bca03482dfeaa471deb727b08ec17d

  • SHA1

    8337b3b866f270ce04ec53940560afe6ee297352

  • SHA256

    fe67277a060410621075df8fada7f0917163d56a741c0cd4ca9a7ab5f4971a25

  • SHA512

    934b38c8091f757aba899fd26f645f9275b406a31043c1ba51f7c9525d086dad418c7a2122d480a2317b9856f36a2135ee682df214deea820576f9be926800ed

  • SSDEEP

    6144:EbbD2RXh9KD7EvVkr0evEcZ7/CUqjfgQlVumrDVRXL0chXfo3cW:EbuRX6D7ENiKUqDgYumrZRXL0nN

Malware Config

Extracted

  • Family

    vidar

  • Version

    3.6

  • Botnet

    78489afd9d9a4747beb445e5fb5b9c96

  • C2

    https://steamcommunity.com/profiles/76561199499188534

    https://t.me/nutalse

Attributes

  • profile_id_v2

    78489afd9d9a4747beb445e5fb5b9c96

  • user_agent

    Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2000-56-0x0000000000400000-0x0000000000479000-memory.dmp
    .exe windows:5 windows x86 arch:x86