General

  • Target: 868-83-0x0000000000400000-0x000000000046B000-memory.dmp
  • Size: 428KB
  • MD5: 8f55284ff35eb2f0636ea19f1e448619
  • SHA1: 01fb2b36c87d645b970297ea7cff8f077220386c
  • SHA256: c396c08580c70db18304984b6b7397480b891df8978bb7eb3849759a38254e43
  • SHA512: 4f38eef8a7e0607a94ea988a8c2d83033a2845e1945153622208212dc4373434f3b86c4e0cc64278690cc5249df33838a7852f3a192c1be360aa844aa6f21fd1
  • SSDEEP: 6144:FXulboUPovpXw4CcUbTqnl0dMtWjHlPwRiLkCm1dTWhw:5ulbMOR2ea0jViiLPedTB

Malware Config

Extracted

  • Family: vidar
  • Version: 4.2
  • Botnet: 28c8b36afa809659e21c14e7f6231b80
  • C2:
    https://t.me/rechnungsbetrag
    https://t.me/prescilliouns
    https://steamcommunity.com/profiles/76561199511129510

Attributes

  • profile_id_v2: 28c8b36afa809659e21c14e7f6231b80
  • user_agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.38 Safari/537.36 Brave/75

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)
    Checks for a missing Authenticode signature.

Files

  • 868-83-0x0000000000400000-0x000000000046B000-memory.dmp
    .exe windows:5 windows x86 arch:x86
