General

  • Target

    1052-183-0x0000000005FF0000-0x0000000006266000-memory.dmp

  • Size

    2.5MB

  • MD5

    e168ffbbd6fecd6ab12321f21028890e

  • SHA1

    ee128642cf3a3eaea5bfb65015cbbc42a3adfd50

  • SHA256

    b09cb2d37f5b4be0e3f2276c7b45de1a38b4c9dc2cb8afc7382884a0325b80f5

  • SHA512

    e596768d0e912017625f48457c4930e3b62a92f6fc7668a57d62f49841a9a83b8eb7de79009bf104dcf8eee71a042cb5607ec9431ab9c34e61a3b06c34d24a11

  • SSDEEP

    12288:sbRVMP+YSGGkNs0Ix6BY/sCVJFEbtQIWmd:sboP+bGGkNKU3C30z

Malware Config

Extracted

  • Family

    vidar

  • Version

    11

  • Botnet

    744fd163d6d4e0ac37e4032bcbfbb6af

  • C2

    https://steamcommunity.com/profiles/76561199780418869

    https://t.me/ae5ed

  • Attributes

    user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0

Signatures

  • Detect Vidar Stealer 1 IoCs
  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1052-183-0x0000000005FF0000-0x0000000006266000-memory.dmp
    .exe windows:5 windows x86 arch:x86