General

  • Target

    3476-1-0x0000000000400000-0x0000000000648000-memory.dmp

  • Size

    2.3MB

  • MD5

    c9efe625a44fa6445625e9198428e3d5

  • SHA1

    6f30766534589cba12561b01d4a989d7ac691eb5

  • SHA256

    b6a34ef742cb1d5d1de3eaa8693703cf58a6c30d6b5625956a3b5c3ad7dac6ea

  • SHA512

    dadc9e6264c6de4b2132f5829eb649e5ae1e37c21ac273ba2f9ce0f7949685fa35a94ad779899b149934cc4a6f0cfe169660b1b362cb1576137548a8c8e6a91e

  • SSDEEP

    3072:tDFbaT8zJWxoVOaLOE73cFnOzN3xzeLHR7uX3socOHh8cs5qOFlPKUU:fXJhVNaEgFn5l7usZ5LF4UU

Score
10/10

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199673019888

https://t.me/irfail

Attributes
  • user_agent

    Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0

Signatures

  • Detect Vidar Stealer 1 IoCs
  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3476-1-0x0000000000400000-0x0000000000648000-memory.dmp
    .exe windows:5 windows x86 arch:x86