General
-
Target
1688-4909-0x0000000000400000-0x0000000000648000-memory.dmp
-
Size
2.3MB
-
MD5
068f1c9ae1d9304a60ee2aad765ae046
-
SHA1
259eaf9bd3ee86e095dd11a474e901efac749169
-
SHA256
3b91557be936608b261af7cffa5051312591ac901f4a43c35a6e0237becf3edb
-
SHA512
b425c169abcf2e6d2f060cd393db3319cb95bb9ee1106306f2dc1a2c0e65b58ea6b219564441f930634f98ea4dc114608bb33f87c98d9d8ffec8eb18fea57091
-
SSDEEP
3072:HDFbaT8zJWxoVOaLOE73cFnOzN3xzeLHR7uXc9socOHA8cs5qO4lPKUU:5XJhVNaEgFn5l7uXW5L44UU
Score
10/10
Malware Config
Extracted
Family
vidar
C2
https://steamcommunity.com/profiles/76561199673019888
https://t.me/irfail
Attributes
-
user_agent
Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0
Signatures
-
Detect Vidar Stealer 1 IoCs
-
Vidar family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1688-4909-0x0000000000400000-0x0000000000648000-memory.dmp
Headers
Sections