Overview

overview

10

Static

static

10

3512-261-0...ry.exe

windows7-x64

1

3512-261-0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3512-261-0x0000000000400000-0x000000000046A000-memory.dmp

  • Size

    424KB

  • Sample

    240312-bk36sadg25

  • MD5

    737bcfb3475e71f463e7d9d8b1d06d9b

  • SHA1

    e9b78a3f0f6299c17cfac2ba680945afa3143bd0

  • SHA256

    4f5c5a59dc500730cf47069f875de298b75ebd08b953ff83ad1540ce461bf430

  • SHA512

    ef010c823280299aae189319a0b6843419be94ea76b6d3696a8bd2c86e34744bf23aa91d9314b41a30ac8fb2367542f8d7e271fa3c7d6f8d48b6f99da47f7c61

  • SSDEEP

    6144:TBA0i2uim7rAPtf9w8zSRWBt9JPpr+hTKWzYIRh6p/Q7u1:TG0iwj9w8zS4BPJPpr+YI10

Score
10/10
vidara129a8292a021d62796bfced1018aa1f

Malware Config

Extracted

Family

vidar

Version

4.3

Botnet

a129a8292a021d62796bfced1018aa1f

C2

https://steamcommunity.com/profiles/76561199514261168

https://t.me/kamaprimo
Attributes
  • profile_id_v2

    a129a8292a021d62796bfced1018aa1f

  • user_agent

    Mozilla/5.0 (Linux; U; Tizen 2.0; en-us) AppleWebKit/537.1 (KHTML, like Gecko) Mobile TizenBrowser/2.0

Targets

    • Target

      3512-261-0x0000000000400000-0x000000000046A000-memory.dmp

    • Size

      424KB

    • MD5

      737bcfb3475e71f463e7d9d8b1d06d9b

    • SHA1

      e9b78a3f0f6299c17cfac2ba680945afa3143bd0

    • SHA256

      4f5c5a59dc500730cf47069f875de298b75ebd08b953ff83ad1540ce461bf430

    • SHA512

      ef010c823280299aae189319a0b6843419be94ea76b6d3696a8bd2c86e34744bf23aa91d9314b41a30ac8fb2367542f8d7e271fa3c7d6f8d48b6f99da47f7c61

    • SSDEEP

      6144:TBA0i2uim7rAPtf9w8zSRWBt9JPpr+hTKWzYIRh6p/Q7u1:TG0iwj9w8zS4BPJPpr+YI10

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks