General
-
Target
912-133-0x0000000000400000-0x00000000004CC000-memory.dmp
-
Size
816KB
-
MD5
b23d8f972cca9dca9ab3f32064fd83ed
-
SHA1
3911d5ea4a57118ca04aca583e4a6d4064d46e36
-
SHA256
fac09feb8b9484c156b97e6aaea6c1304804ad39b26458b01b1e490c08b3a1ed
-
SHA512
b865059533d95db7f3644fbe591a6a6118bfa414cbbd3969cd716b079c702413f4ca202f6bb0de5a3b8d64e30aeaa01f3aa8756f5a0e7fe66413acf64d97fed6
-
SSDEEP
6144:ABA0i2uim7rAPtf9w8zSRWBt9JPpr+hTtWzYFRh6ptPk7u1BjoH:AG0iwj9w8zS4BPJPpr+VFwk02
Score
10/10
Malware Config
Extracted
Family
vidar
Version
4.3
Botnet
96025c412217706dfea86d2504b62d27
C2
https://steamcommunity.com/profiles/76561199514261168
https://t.me/kamaprimo
Attributes
-
profile_id_v2
96025c412217706dfea86d2504b62d27
-
user_agent
Mozilla/5.0 (Linux; U; Tizen 2.0; en-us) AppleWebKit/537.1 (KHTML, like Gecko) Mobile TizenBrowser/2.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
912-133-0x0000000000400000-0x00000000004CC000-memory.dmp
Headers
Sections