General

  • Target

    1268-280-0x0000000000400000-0x000000000046B000-memory.dmp

  • Size

    428KB

  • MD5

    0aa6f01d88646068b4b1c3bcba17d987

  • SHA1

    1f86dc969a5a31a4a5892289af2593718d98770e

  • SHA256

    52f8970ad5d0b0364147dd88c4f6641420c9b372a6a26ee18a10d9fd55ef7f07

  • SHA512

    15692314de1d3fcb62541be2747ea1eac06f1afac207f2e4a258066c1dc6f0d1e332c017c6948d7cdfa1fac3ab677c11af31005a274ed3c652baebabea32059d

  • SSDEEP

    6144:3ua5z4XeLqMVc2Uc1ax/QfTyuAlHKdlJP0KVah6wu2Ai0BvF:3V5z4XPMPA/QryvodlJP0KVTRF

Malware Config

Extracted

  • Family

    vidar

  • Version

    3.8

  • Botnet

    ef32d425b907146eeb9090dbc9455ab1

  • C2

    https://steamcommunity.com/profiles/76561198272578552
    https://t.me/libpcre

Attributes
  • profile_id_v2

    ef32d425b907146eeb9090dbc9455ab1

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7
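Both C2 entries are dead-drop resolvers rather than the stealer's real back end: Vidar fetches the public Steam profile or Telegram channel page and reads the live C2 address out of an attacker-editable field on it, so the address can be rotated without rebuilding the binary. The Python below is an added example, not code from this report or from the malware, that performs that second step on an already-fetched page body. The element names it looks for (actual_persona_name on Steam, tgme_channel_info_description on t.me) are an assumption about the current page layouts, and the two page bodies are constructed input using RFC 5737 documentation addresses; check both against a live fetch before relying on them.

```python
from __future__ import annotations

import html
import ipaddress
import re
from urllib.parse import urlparse

# Assumed markup of the two dead-drop services; confirm against a fresh fetch,
# since either site may change its HTML at any time.
STEAM_NAME_RE = re.compile(r'<span class="actual_persona_name">(.*?)</span>', re.S)
TG_DESC_RE = re.compile(r'<div class="tgme_channel_info_description"[^>]*>(.*?)</div>', re.S)
TAG_RE = re.compile(r"<[^>]+>")
URL_RE = re.compile(r'https?://[^\s"\'<>|]+')
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

# Dead-drop host -> regex that isolates the attacker-controlled field on that page.
FIELD_BY_HOST = {
    "steamcommunity.com": STEAM_NAME_RE,
    "t.me": TG_DESC_RE,
}


def _clean(fragment: str) -> str:
    """Drop nested tags and decode HTML entities from an extracted field."""
    return html.unescape(TAG_RE.sub("", fragment)).strip()


def _candidates(field: str, drop_host: str) -> list[str]:
    """Pull URLs and bare IPv4 addresses out of the field, first-seen order, no duplicates."""
    out: list[str] = []
    for url in URL_RE.findall(field):
        host = urlparse(url).hostname or ""
        # A link back to the dead-drop host itself is not a C2 candidate.
        if host != drop_host and url not in out:
            out.append(url)
    for ip in IPV4_RE.findall(field):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            continue  # the loose regex also matches e.g. 999.1.1.1
        # Skip loopback and anything already covered by a URL above.
        if addr.is_loopback or ip in out or any(ip in u for u in out):
            continue
        out.append(ip)
    return out


def resolve_dead_drop(drop_url: str, page_html: str) -> list[str]:
    """Given a dead-drop URL from the config and its fetched page body, return the
    C2 endpoints planted there; empty if the host is unknown or the field is absent."""
    host = urlparse(drop_url).hostname or ""
    field_re = FIELD_BY_HOST.get(host)
    if field_re is None:
        return []
    m = field_re.search(page_html)
    if not m:
        return []
    return _candidates(_clean(m.group(1)), host)


# Constructed page bodies imitating the two layouts; the addresses are
# documentation ranges and were not observed in this sample.
STEAM_SAMPLE = (
    '<html><body><div class="profile_header">'
    '<span class="actual_persona_name">https://198.51.100.23/</span>'
    "</div></body></html>"
)
TELEGRAM_SAMPLE = (
    '<html><body><div class="tgme_channel_info_description">'
    "mirror: &lt;203.0.113.7&gt;</div></body></html>"
)

if __name__ == "__main__":
    for url, body in (
        ("https://steamcommunity.com/profiles/76561198272578552", STEAM_SAMPLE),
        ("https://t.me/libpcre", TELEGRAM_SAMPLE),
    ):
        print(url, "->", resolve_dead_drop(url, body))
```

The function never touches the network; fetch the page body from an isolated analysis host (urllib or requests are enough) and pass it in. Whatever it returns is the address to block and to pivot on in proxy logs, together with the user agent listed above.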

Signatures

  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature. The target here is a dump of the mapped image, not the file on disk: the Authenticode certificate lives in an overlay referenced by the security data directory and is not mapped by the loader, so a dump keeps at most the directory entry in the PE header and never the certificate bytes themselves.
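The Unsigned PE check can be reproduced from raw bytes by reading IMAGE_DIRECTORY_ENTRY_SECURITY (index 4) in the optional header's data directories and, if it is populated, confirming that a WIN_CERTIFICATE of type PKCS_SIGNED_DATA sits at that file offset. The Python below is an added example, not the sandbox's own check, built on a constructed minimal PE32 header; it separates a genuinely unsigned file from a dump whose header still carries the entry but whose certificate overlay was never mapped, which is what a dump of the image mapped at 0x400000 would look like if the original had been signed.

```python
from __future__ import annotations

import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
WIN_CERT_REVISION_2_0 = 0x0200
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def security_directory(image: bytes) -> tuple[int, int]:
    """Return (file_offset, size) of the security data directory, (0, 0) if not present."""
    if image[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", image, 0x3C)[0]
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    opt = e_lfanew + 24  # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", image, opt)[0]
    if magic == 0x10B:        # PE32
        nrva_off, dd_off = 92, 96
    elif magic == 0x20B:      # PE32+
        nrva_off, dd_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    n_dirs = struct.unpack_from("<I", image, opt + nrva_off)[0]
    if n_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return (0, 0)
    # Unlike other directories, this entry holds a file offset, not an RVA.
    return struct.unpack_from("<II", image, opt + dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)


def authenticode_status(image: bytes) -> str:
    """'unsigned', 'signed', or 'entry-present-cert-missing' when the header
    references a certificate that is not inside the bytes we were given."""
    off, size = security_directory(image)
    if off == 0 or size == 0:
        return "unsigned"
    if size < 8 or off + size > len(image):
        return "entry-present-cert-missing"
    length, revision, cert_type = struct.unpack_from("<IHH", image, off)
    if (revision == WIN_CERT_REVISION_2_0
            and cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA
            and length <= size):
        return "signed"
    return "entry-present-cert-malformed"


def _header(sec_off: int, sec_size: int) -> bytes:
    """Constructed minimal PE32 header: DOS stub, COFF header, optional header with 16 directories."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                       # e_lfanew
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                          # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                            # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, sec_off, sec_size)
    return bytes(dos) + coff + bytes(opt)


HEADER_LEN = 0x40 + 24 + 0xE0

# Constructed inputs: the "certificate" is only a WIN_CERTIFICATE header plus padding.
CERT_BLOB = struct.pack("<IHH", 16, WIN_CERT_REVISION_2_0, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + b"\0" * 8
UNSIGNED_FILE = _header(0, 0)
SIGNED_FILE = _header(0x200, len(CERT_BLOB)) + b"\0" * (0x200 - HEADER_LEN) + CERT_BLOB
DUMPED_IMAGE = _header(0x200, len(CERT_BLOB))  # header only: the overlay is never mapped

if __name__ == "__main__":
    for name, data in (("unsigned file", UNSIGNED_FILE), ("signed file", SIGNED_FILE), ("memory dump", DUMPED_IMAGE)):
        print(f"{name}: {authenticode_status(data)}")
```

Run it over a real file with `authenticode_status(open(path, "rb").read())`; a "signed" result only means a certificate table is present, and verifying the PKCS#7 signature against the image hash is a separate step.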

Files

  • 1268-280-0x0000000000400000-0x000000000046B000-memory.dmp
    .exe windows:5 windows x86 arch:x86
