General
-
Target
1688-342-0x0000000000400000-0x000000000092B000-memory.dmp
-
Size
5.2MB
-
MD5
4730f79463c6a291dcc74e5cced27e30
-
SHA1
2fa624c885ce592c54389c02e08dbf50cf405c9a
-
SHA256
b79f29e3dfc89ff2d74b1bbbc0b92330052161ee34f8196b41e391ae18804ecb
-
SHA512
3bb54b7c1c5a3d335d8b01822e8928a33b7df6bbb31d36dfcca7f407a9d25be80d4182f52a7bb657a62bd677b3d5dc1b6bc71a23dbc8714bfd2108a59e83cac8
-
SSDEEP
6144:ZMqEHUkNqBVHhR5pW+JzUQQVgIvEwIdpeCRiKhr2AiyJ+8e1:ZMqEH+BVJNzULgekdpeEiEz5s
Score
10/10
Malware Config
Extracted
Family
vidar
Version
3.9
Botnet
379b0d0a9ef2b4ae960ec452f90e3e8b
C2
https://steamcommunity.com/profiles/76561199263069598
https://t.me/cybehost
Attributes
-
profile_id_v2
379b0d0a9ef2b4ae960ec452f90e3e8b
-
user_agent
Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.7 (like Gecko) (Debian)
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1688-342-0x0000000000400000-0x000000000092B000-memory.dmp
Headers
Sections