General
-
Target
2492-27-0x0000000000400000-0x0000000000648000-memory.dmp
-
Size
2.3MB
-
MD5
21de67076fa916a9a55febf4acad6c23
-
SHA1
2e9a7471a87f2c1e489515e71bb37a4281863da9
-
SHA256
a7d0122b6c1674bd669c8a5970f32ec2328fe84bff9ddea9f51d44c3eeb4c966
-
SHA512
b9d9d7bf7f6d81684aa7aed382f0f4a047c769f777d62f83410614835ef6fdd27079faa6be99008922c06c1553f3e2cd5c3a23cf3d021c8f03cae26dc48af76c
-
SSDEEP
3072:zoMmOWz+/+lmquQzQ3Iq3HYQT33rytEez+WfADF35nVOwUdVgLFZE1G:0fO64+8fQzPuHYQXrBFJ5tvm
Score
10/10
Malware Config
Extracted
Family
vidar
C2
https://t.me/de17fs
https://steamcommunity.com/profiles/76561199667616374
Attributes
-
user_agent
Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0
Signatures
-
Detect Vidar Stealer 1 IoCs
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2492-27-0x0000000000400000-0x0000000000648000-memory.dmp
Headers
Sections