Overview

overview

10

Static

static

10

4680-353-0...ry.exe

windows7-x64

1

4680-353-0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4680-353-0x0000000000400000-0x00000000006EA000-memory.dmp

  • Size

    2.9MB

  • Sample

    240306-1bq8ashh72

  • MD5

    4c567f333bc39476c78b2a2d6045f52e

  • SHA1

    f81bebed27b98aad7636eb9a78b361f66b2cd4ae

  • SHA256

    f2c0501e61bdf0f976362e5e406c7579b8d4b9f423ff46c1b1e7325e0e64dfd8

  • SHA512

    7fb5484998d3551d56c41f35f331a958f7663621e49e7be48508b87c5092ad8ef259ca1c5fac9a45ef196924d99088c0a556d1481bd9807d77493f34d55d0a94

  • SSDEEP

    6144:7ua5z4XeLqMVc2Uc1ax/QfTyuAlHKdlJ70KQah6wu2AiduvF0:7V5z4XPMPA/QryvodlJ70KQTjF0

Score
10/10
vidare5d7cb6205191dc1a4f6288000860943

Malware Config

Extracted

Family

vidar

Version

3.8

Botnet

e5d7cb6205191dc1a4f6288000860943

C2

https://steamcommunity.com/profiles/76561198272578552

https://t.me/libpcre
Attributes
  • profile_id_v2

    e5d7cb6205191dc1a4f6288000860943

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7

Targets

    • Target

      4680-353-0x0000000000400000-0x00000000006EA000-memory.dmp

    • Size

      2.9MB

    • MD5

      4c567f333bc39476c78b2a2d6045f52e

    • SHA1

      f81bebed27b98aad7636eb9a78b361f66b2cd4ae

    • SHA256

      f2c0501e61bdf0f976362e5e406c7579b8d4b9f423ff46c1b1e7325e0e64dfd8

    • SHA512

      7fb5484998d3551d56c41f35f331a958f7663621e49e7be48508b87c5092ad8ef259ca1c5fac9a45ef196924d99088c0a556d1481bd9807d77493f34d55d0a94

    • SSDEEP

      6144:7ua5z4XeLqMVc2Uc1ax/QfTyuAlHKdlJ70KQah6wu2AiduvF0:7V5z4XPMPA/QryvodlJ70KQTjF0

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks