General
-
Target
3052-103-0x0000000000400000-0x0000000001B72000-memory.dmp
-
Size
23.4MB
-
MD5
3429f98602b1e1ba87baead279b89958
-
SHA1
6478c0048920b0cfa57f8d81e88d2012a6c313b4
-
SHA256
6820bc40728b5a2c72d96b4f27094ee196b6a4874b2213fd712eef3b6b958ac0
-
SHA512
118c4254238a15997e0d7395359f98ab77b5cc6ac3fbd73e8fefdb40ef629a9ebff3593af48f13b5c67d4211e1df2878430dec90d1a656982cc1afabe887a8fc
-
SSDEEP
12288:Vib4E1z9tDqi/sV3mHzeZsccfG7SnbzUO5s:Vc1z9hqiC2IscpWte
Score
10/10
Malware Config
Extracted
Family
vidar
Version
4.6
Botnet
1c067a65ab64c7f430d822026407d135
C2
https://steamcommunity.com/profiles/76561199523054520
https://t.me/game4serv
Attributes
-
profile_id_v2
1c067a65ab64c7f430d822026407d135
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:103.0) Gecko/20100101 Firefox/103.0
Signatures
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3052-103-0x0000000000400000-0x0000000001B72000-memory.dmp
Headers
Sections