vidar | 00ee18104917bd8534396eeacbf4cc46540f58ebe17f6f5618981b2a996044fc | Triage

Sharing

General

Target

4708-292-0x0000000000400000-0x000000000046A000-memory.dmp
Size

424KB
Sample

240308-jaflqsbb4z
MD5

2f247ba6f39a0055735be07296953c5d
SHA1

c9acf5536408ff1f5314e60a14bda18b76819e47
SHA256

00ee18104917bd8534396eeacbf4cc46540f58ebe17f6f5618981b2a996044fc
SHA512

43f3b6e14bc933d840a9ee67798917f5200e069431e26fa0445a9768f23a9abcfd7f8d6ce4fe85ef5e31a0c6df998d87d56470e53627e4914399ec38dc8f2e3c
SSDEEP

6144:qtUGfUWOeEBUEhLkXj3zRG6yLQ/UNP4H2CiTTV10qhhThAjrt:qtUGfVwUFzRG6EQ0POfiTTL0qtAjrt

Score

10^/10

vidar a81bcf59d85e6e13257840e65b9d1da8

Malware Config

Extracted

Family

vidar

Version

4.2

Botnet

a81bcf59d85e6e13257840e65b9d1da8

C2

https://steamcommunity.com/profiles/76561199511129510

https://t.me/rechnungsbetrag

Attributes

profile_id_v2
a81bcf59d85e6e13257840e65b9d1da8
user_agent
Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.38 Safari/537.36 Brave/75

Targets

- Target
  
  4708-292-0x0000000000400000-0x000000000046A000-memory.dmp
- Size
  
  424KB
- MD5
  
  2f247ba6f39a0055735be07296953c5d
- SHA1
  
  c9acf5536408ff1f5314e60a14bda18b76819e47
- SHA256
  
  00ee18104917bd8534396eeacbf4cc46540f58ebe17f6f5618981b2a996044fc
- SHA512
  
  43f3b6e14bc933d840a9ee67798917f5200e069431e26fa0445a9768f23a9abcfd7f8d6ce4fe85ef5e31a0c6df998d87d56470e53627e4914399ec38dc8f2e3c
- SSDEEP
  
  6144:qtUGfUWOeEBUEhLkXj3zRG6yLQ/UNP4H2CiTTV10qhhThAjrt:qtUGfVwUFzRG6EQ0POfiTTL0qtAjrt
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

a81bcf59d85e6e13257840e65b9d1da8vidar

behavioral1

behavioral2