General

  • Target

    872-155-0x0000000000400000-0x0000000001B54000-memory.dmp

  • Size

    23.3MB

  • MD5

    949b3c4acaec68926c0294479d24494c

  • SHA1

    4283cbd23750a0e5133e52e6ab51a9320fe27280

  • SHA256

    ff9332b3181d141257cc0b2dafd5de995e2a69d887b729fb083b76eb4e4785aa

  • SHA512

    246f7667c0e1d6e6cf09b6e6e476265e600f870ce200bdcc42ec11f8a844da05763d0132197d9335473b6c1a08750fbc15d143154d338af288463448f36a5e5b

  • SSDEEP

    6144:2keehzAsTLPXhmXtI88Ndrb8R2edHdeNonXYx6g9uh7RU:2keehT7hpzg4C9eNonA9

Malware Config

Extracted

  • Family

    vidar

  • Version

    4.4

  • Botnet

    9053f87d458dad90618481e5f4d431d5

  • C2

    https://steamcommunity.com/profiles/76561199235044780
    https://t.me/headlist

Attributes
  • profile_id_v2

    9053f87d458dad90618481e5f4d431d5

  • user_agent

    Mozilla/5.0 (Linux; Android 7.0; Pixel C Build/NRD91D; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/53.0.2785.124 Safari/537.36

Signatures

  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 872-155-0x0000000000400000-0x0000000001B54000-memory.dmp
    .exe windows:5 windows x86 arch:x86
