General

  • Target

    2664-173-0x00000000037C0000-0x0000000003A01000-memory.dmp

  • Size

    2.3MB

  • MD5

    3e335e4d657314dc9cf4a33684968a79

  • SHA1

    d16631f6092521a972aca273a83283cf860a7223

  • SHA256

    d2e560e87d0cf6ebeb40784841c2e27af4674d7f6c305f4f3a3868e504390562

  • SHA512

    3b4257d982809886b7bb958c9161db1d29eb77f8b37a36c4b5c9d57b29d490a5fa8787f6ba64a5b6e69341ae7b1900afd89609130665fa36737f67b1d48f906e

  • SSDEEP

    6144:68LyqiPfw81zXwzDI4dvSw5cDcFDAuJxVkpIFkhjPgMGhkaBdAGEDkuBsCpUy4aa:6zqiPfwoXQtdcEDAuLVXFwiJQkiaz

Malware Config

Extracted

  • Family

    vidar

  • Version

    10.8

  • Botnet

    283e465e3e8feb6cb806690b98c9bf31

  • C2

    https://steamcommunity.com/profiles/76561199761128941
    https://t.me/iyigunl

Attributes
  • user_agent

    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
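The following is an added example, not part of the sandbox report: it turns the extracted configuration above (the two C2 URLs and the User-Agent) into a small detection that can be run over proxy or web logs. The log lines, their layout and the helper names (parse_line, classify, scan, suspicious_clients) are constructed for the example and are not a product's format or API. Both C2 hosts are legitimate public services, so the check matches the exact profile and channel paths rather than the domains, and treats the User-Agent alone as a weak signal because it is an ordinary Chrome string.

```python
"""Added example (not part of the sandbox report): match the extracted
Vidar configuration against web-proxy logs.

Assumptions: the log lines below are constructed for the example, in a
simplified "<ts> <client_ip> <method> <url> <status> \"<user-agent>\"" layout;
parse_line(), classify(), scan() and suspicious_clients() are hypothetical
helpers, not a product's API.
"""
import re
from urllib.parse import urlparse

# IoCs copied from the report's Malware Config section.
C2_DEAD_DROPS = {
    "https://steamcommunity.com/profiles/76561199761128941",
    "https://t.me/iyigunl",
}
USER_AGENT = ("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
              "(KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36")

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = """\
2024-08-01T10:00:01Z 10.0.0.5 GET https://steamcommunity.com/profiles/76561199761128941 200 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36"
2024-08-01T10:00:02Z 10.0.0.5 GET https://t.me/iyigunl 200 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36"
2024-08-01T10:03:10Z 10.0.0.7 GET https://steamcommunity.com/app/730 200 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36"
2024-08-01T10:04:00Z 10.0.0.9 GET https://steamcommunity.com/profiles/76561199761128941/ 200 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"
"""

LINE_RE = re.compile(r'^(\S+) (\S+) (\S+) (\S+) (\d{3}) "([^"]*)"$')


def normalise(url):
    """Compare scheme, host and path only; drop the trailing slash and any
    query string so .../76561199761128941/ still matches the IoC."""
    p = urlparse(url)
    return f"{p.scheme}://{p.netloc.lower()}{p.path.rstrip('/')}"


C2_NORMALISED = {normalise(u) for u in C2_DEAD_DROPS}


def parse_line(line):
    """Parse one constructed log line into a dict, or None if malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts, client, method, url, status, ua = m.groups()
    return {"ts": ts, "client": client, "method": method, "url": url,
            "status": int(status), "ua": ua}


def classify(rec):
    """Verdict for one record.

    'c2'  - request to one of the extracted dead-drop URLs. High confidence;
            only the exact profile/channel path is matched, never the whole
            steamcommunity.com or t.me domain, which carry legitimate traffic.
    'ua'  - only the extracted User-Agent matched. Weak signal on its own:
            it is a stock Chrome string.
    None  - nothing matched.
    """
    if normalise(rec["url"]) in C2_NORMALISED:
        return "c2"
    if rec["ua"] == USER_AGENT:
        return "ua"
    return None


def scan(log_text):
    """Return (client, verdict, url) tuples for every line that matched."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        verdict = classify(rec)
        if verdict:
            hits.append((rec["client"], verdict, rec["url"]))
    return hits


def suspicious_clients(log_text):
    """Clients with at least one dead-drop hit: the list worth triaging."""
    return sorted({c for c, v, _ in scan(log_text) if v == "c2"})


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit)
    print("clients to triage:", suspicious_clients(SAMPLE_LOG))
```

On the sample above the two profile/channel requests from 10.0.0.5 and the trailing-slash variant from 10.0.0.9 are reported as dead-drop hits, while the 10.0.0.7 request to an unrelated Steam page only trips the User-Agent check. Vidar uses pages like these to look up its real C2 address, so a dead-drop hit should be followed by a review of that client's subsequent outbound connections, not just of the two URLs listed here.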

Signatures

  • Detect Vidar Stealer (1 IoC)
  • Vidar family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature. Note that the analysed object is a region dumped from a running process (see the memory.dmp target above), not the file as it was delivered, so the missing signature and the hashes in the General section describe the dump, not the on-disk sample.

Files

  • 2664-173-0x00000000037C0000-0x0000000003A01000-memory.dmp
    .exe windows:5 windows x86 arch:x86

