General

  • Target

    4532-69-0x0000000000400000-0x0000000000643000-memory.dmp

  • Size

    2.3MB

  • MD5

    fd4474d3701041a14cfd01810783de6e

  • SHA1

    f83e5d5c934d54fb89fef38b867a9bf102a64f9b

  • SHA256

    103f12e27aa030a60ec19fc3513149283892932a5647f1d044aef05fa1625ff6

  • SHA512

    27eac207e884a9e9995d7e07d5abf329d311ae95678853badef011a592bc2adf8737cfa0c2dde9b9ac667e20d819e90f88d86485ade1292e2c34e3d5dd9581d7

  • SSDEEP

    6144:nbShBLWANKrBWyt3ZOwUPfbldFw0t+Z0vhAVfNiCsy5cIlHuix:nboLWxrBD1dsMvHu

Score
10/10

Malware Config

Extracted

Family

vidar

C2

https://steamcommunity.com/profiles/76561199747278259

https://t.me/armad2a

Attributes

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 YaBrowser/24.6.0.1 Safari/537.36

Signatures

  • Detect Vidar Stealer 1 IoCs
  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4532-69-0x0000000000400000-0x0000000000643000-memory.dmp
    .exe windows:5 windows x86 arch:x86
