vidar | 2228-10-0x0000000000400000-0x0000000000644000-memory[.]dmp

General

Target

2228-10-0x0000000000400000-0x0000000000644000-memory.dmp
Size

2.3MB
MD5

d003dcbbe9bb0a02d89c95f85e0754c9
SHA1

9787075b46ba72e37bc96788c7e0bb3a0f349517
SHA256

f8a89e7e503da899d86742bcbd90f7499001b0b5091a551fbbd5650f5f3392af
SHA512

57026741c4b6d02aaad70afdd882f49be0d52d82741d2ef8f6ea70b43166a9e3a645dee50b8a341faae8f6c9cfe1973c8bfd629c66c5a4680d5c7ebb72b9fce4
SSDEEP

3072:wPz4Bf0k47qmMxVs1NH89AkOaBiEWBo1nXe2XtoLGQFew:wEx0V7gx2bH89F4ED1XeNx

Score

10^/10

Family

vidar

Version

7.9

Botnet

189059fa1f70a016d0dd798b0653623c

C2

https://t.me/hypergog

https://steamcommunity.com/profiles/76561199642171824

Attributes

profile_id_v2
189059fa1f70a016d0dd798b0653623c
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Detect Vidar Stealer 1 IoCs

stealer

resource	yara_rule
sample	family_vidar_v7

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2228-10-0x0000000000400000-0x0000000000644000-memory.dmp