General

  • Target

    1056-56-0x0000000000400000-0x000000000081B000-memory.dmp

  • Size

    4.1MB

  • MD5

    f4e7997245d327a92d9e5e074acc9291

  • SHA1

    c5294d67962b454826779d16ba43de905f4dd307

  • SHA256

    d536b181e4e5ada326c5ea5a257576a897348bcedabef8c386fda0582f6464d3

  • SHA512

    01b48755dcdba5da67582782626450ba3b0f0640ccda6bad6b1e1ee382785d7c78927fe53473c666ae1db36c247d779162a1418d6ea37b4c6c05b636324a2c17

  • SSDEEP

    6144:EbbD2RXh9KD7EvVkr0evEcZ7/CUqjfgQlVumrvVRXL0chXfoycW:EbuRX6D7ENiKUqDgYumrtRXL0iN

Malware Config

Extracted

Family

vidar

Version

3.6

Botnet

78489afd9d9a4747beb445e5fb5b9c96

C2 (dead-drop resolvers)

https://steamcommunity.com/profiles/76561199499188534

https://t.me/nutalse

Vidar does not carry its server address in the binary: the sample fetches the Steam profile page and the Telegram channel page listed above and parses the live C2 address out of the profile's display name and the channel's description. Treat the two URLs as first-stage lookups, not as the exfiltration host, which changes whenever the operator edits those pages. Alert on requests to them from non-browser processes rather than blocking steamcommunity.com or t.me outright.

Attributes
  • profile_id_v2

    78489afd9d9a4747beb445e5fb5b9c96

  • user_agent

    Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
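The extracted config gives two network indicators worth hunting for: the dead-drop URLs and the hard-coded User-Agent (a Windows 7 / Chrome 104 string, which stands out on a current fleet). The following is an added example, not part of the sandbox report; it matches both against a constructed, simplified proxy log format (timestamp, client, method, URL, status, quoted User-Agent), so the line parser is an assumption to adapt to your own proxy's format.

```python
"""Hunt proxy logs for the Vidar 3.6 dead-drop lookups from this report.

Added example, not part of the sandbox report. The log format is a
constructed, simplified one: ts client method url status "user-agent".
"""
import re
from urllib.parse import urlsplit

# Values copied from the report's extracted config.
DEAD_DROPS = {
    "https://steamcommunity.com/profiles/76561199499188534",
    "https://t.me/nutalse",
}
VIDAR_UA = ("Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 "
            "(KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36")
BOTNET_ID = "78489afd9d9a4747beb445e5fb5b9c96"  # same value as profile_id_v2

# Hypothetical proxy log line layout (assumption, adapt to your proxy).
LOG_RE = re.compile(r'^(\S+) (\S+) (\S+) (\S+) (\d{3}) "([^"]*)"$')

# Constructed sample log: one benign request, the two dead-drop lookups
# with the sample's User-Agent, and an unrelated Telegram visit.
SAMPLE_LOG = [
    '2023-04-01T10:00:01Z 10.0.0.15 GET https://www.example.com/index.html 200 '
    '"Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/112.0.0.0 Safari/537.36"',
    '2023-04-01T10:00:07Z 10.0.0.15 GET '
    f'https://steamcommunity.com/profiles/76561199499188534/?xml=1 200 "{VIDAR_UA}"',
    f'2023-04-01T10:00:09Z 10.0.0.15 GET https://t.me/nutalse 200 "{VIDAR_UA}"',
    '2023-04-01T10:00:12Z 10.0.0.22 GET https://t.me/somechannel 200 '
    '"Mozilla/5.0 (X11; Linux x86_64) Firefox/111.0"',
]


def normalise(url: str) -> str:
    """Lower-case scheme and host, drop query/fragment and a trailing slash
    so a lookup with a cache-busting query still matches the report's URL."""
    p = urlsplit(url)
    return f"{p.scheme.lower()}://{p.netloc.lower()}{p.path.rstrip('/')}"


def classify(line: str):
    """Return a hit record for a log line, or None if it is not suspicious."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    ts, client, _method, url, _status, ua = m.groups()
    reasons = []
    if normalise(url) in DEAD_DROPS:
        reasons.append("dead-drop-url")
    if ua == VIDAR_UA:
        reasons.append("vidar-user-agent")
    if not reasons:
        return None
    return {"ts": ts, "client": client, "url": url, "reasons": reasons}


def find_vidar_hits(lines):
    """All hits in an iterable of log lines, in log order."""
    return [h for h in (classify(line) for line in lines) if h]


if __name__ == "__main__":
    for hit in find_vidar_hits(SAMPLE_LOG):
        print(hit)
```

A client that matches on both reasons within seconds (Steam profile, then the Telegram channel) is the stealer resolving its C2; a User-Agent-only match on a single request is weaker evidence and should be corroborated with the originating process.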

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1056-56-0x0000000000400000-0x000000000081B000-memory.dmp
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections
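Two sanity checks a practitioner will want on this artefact: that the address range in the dump name accounts for the reported 4.1MB, and the "Unsigned PE" signature itself, which comes down to an empty IMAGE_DIRECTORY_ENTRY_SECURITY (index 4) in the optional header. This is an added example, not the sandbox's own signature code; it assumes the dump name follows the pattern `<pid>-<seq>-<start>-<end>-memory.dmp`, and the PE it tests against is a constructed header-only image, not the dumped sample.

```python
"""Checks on the report's dump: name/size consistency and the Unsigned PE
signature. Added example, not the sandbox's code.
"""
import re
import struct
import sys

DUMP_NAME = "1056-56-0x0000000000400000-0x000000000081B000-memory.dmp"

# Assumption: dump names are <pid>-<seq>-0x<start>-0x<end>-memory.dmp
NAME_RE = re.compile(
    r"^(\d+)-(\d+)-0x([0-9A-Fa-f]+)-0x([0-9A-Fa-f]+)-memory\.dmp$")


def parse_dump_name(name: str) -> dict:
    """Split the dump file name into pid, sequence number and address range."""
    m = NAME_RE.match(name)
    if not m:
        raise ValueError(f"unexpected dump name: {name}")
    pid, seq, start, end = m.groups()
    start, end = int(start, 16), int(end, 16)
    return {"pid": int(pid), "seq": int(seq), "start": start, "end": end,
            "length": end - start}


def authenticode_dir(pe: bytes):
    """(offset, size) of the Authenticode directory (data directory 4), or
    None if the buffer is not a parseable PE. The directory lives in the
    headers, so it is readable from a memory dump as well as from a file;
    note its first field is a file offset, not an RVA."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    opt = e_lfanew + 4 + 20               # optional header after COFF header
    if len(pe) < opt + 2:
        return None
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == 0x10B:                    # PE32
        num_off, dirs = opt + 92, opt + 96
    elif magic == 0x20B:                  # PE32+
        num_off, dirs = opt + 108, opt + 112
    else:
        return None
    if len(pe) < dirs + 5 * 8:
        return None
    if struct.unpack_from("<I", pe, num_off)[0] < 5:
        return (0, 0)                     # fewer than 5 directories: no cert table
    return struct.unpack_from("<II", pe, dirs + 4 * 8)


def is_unsigned(pe: bytes) -> bool:
    """True when the PE carries no Authenticode certificate table."""
    d = authenticode_dir(pe)
    if d is None:
        raise ValueError("not a parseable PE image")
    return d[1] == 0


def build_min_pe32(security_size: int) -> bytes:
    """Constructed header-only PE32 (test input, not a real binary) whose
    Authenticode directory has the given size."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    # Machine i386, 0 sections, SizeOfOptionalHeader 224, EXECUTABLE|32BIT
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<I", opt, 92, 16)          # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 4 * 8,
                     0x1000 if security_size else 0, security_size)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    info = parse_dump_name(DUMP_NAME)
    print(f"pid {info['pid']}, range length {info['length']} bytes "
          f"({info['length'] / 2**20:.1f} MiB)")
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_min_pe32(0)
    print("unsigned" if is_unsigned(data) else "has Authenticode directory")
```

The range 0x400000-0x81B000 is 0x41B000 bytes, about 4.1 MiB, which matches the reported size. On a memory dump the certificate bytes themselves are never mapped, so the directory entry is the only evidence either way; a size of zero there is what the "Unsigned PE" signature reports.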