General

  • Target

    2516-460-0x0000000000400000-0x000000000046B000-memory.dmp

  • Size

    428KB

  • MD5

    68fd6b33df4c697300fd63ee42ed75a9

  • SHA1

    95020e81ed8c44cca4055d7fb651519ba5dd22a0

  • SHA256

    d3f5ece959dd95f2bfe26b9bbb721214b035b17371e83023345b3ac59fd64c95

  • SHA512

    2ca7a88a8c5906cc83cc09a021bfb111b1a7a44ed7d92a9a6d882c34fe259ca229c1ceec1dde72fcef4e8db74c924b9a13b662ff8cbee7aaadd880815938ea57

  • SSDEEP

    6144:4keehzAsTLPXhmXtI88Ndrb8R2edHdeNonXYS6gsuhIa:4keehT7hpzg4C9eNonLs

Malware Config

Extracted

  • Family

    vidar

  • Version

    4.4

  • Botnet

    153ce668f1e21829c936c2b11fa4d869

  • C2

    https://steamcommunity.com/profiles/76561199235044780

    https://t.me/headlist

  • Attributes

    • profile_id_v2

      153ce668f1e21829c936c2b11fa4d869

    • user_agent

      Mozilla/5.0 (Linux; Android 7.0; Pixel C Build/NRD91D; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/53.0.2785.124 Safari/537.36

Signatures

  • Vidar family

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2516-460-0x0000000000400000-0x000000000046B000-memory.dmp
    .exe windows:5 windows x86 arch:x86