General

  • Target

    2852-175-0x0000000003280000-0x00000000034C1000-memory.dmp

  • Size

    2.3MB

  • MD5

    4d3d4414f246b7fa0d4922ec6e06b559

  • SHA1

    9eb11ce5da7abc93cf110f0e0e23f7b8b956b66b

  • SHA256

    f6273a742ceeeb2ede30e53b48a0ccad581b9b79047ae01952fbb4fb1212edc3

  • SHA512

    b89d7dd283476c006e432dcfb2a063f843898f418ae54bf810d5c99613210567a19d100cf79f2754a17b0ef504ae9a0e43349974e122669adcc50904b726cab4

  • SSDEEP

    6144:5B+Fh+yeb9HsDI4JnmwBOCUFIu9DVkpJFkhYOlXrNslM/PNH0c3LO+Ap2hStPBAP:50MyetstJcNIuVV6F3Rkv0yq

Malware Config

Extracted

Family

vidar

Version

10.8

Botnet

057d037117dc13a05f53caea44d69e65

C2

https://steamcommunity.com/profiles/76561199761128941

https://t.me/iyigunl

Attributes
  • user_agent

    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Signatures

  • Detect Vidar Stealer 1 IoCs
  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
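The two mechanical checks this report applies, matching the sample against the listed IOC hashes and testing for a missing Authenticode signature, can be reproduced offline. The block below is an added example, not the sandbox's own signature code: it parses the PE optional header by hand (no third-party PE library), reads the Security data directory (index 4), and accepts a signature only if that directory points to a WIN_CERTIFICATE of type 0x0002 (PKCS#7 signed data) that lies inside the file. The `build_minimal_pe` helper and the certificate payload it appends are constructed test inputs, not real binaries. Two caveats for this particular sample: the Security directory holds a raw file offset, so on a memory dump like this one the certificate table is normally unmapped even when the original file was signed, and catalog-signed binaries carry no embedded signature at all; "unsigned" here therefore means only that the headers reference no embedded signature.

```python
import hashlib
import struct

# IOC hashes copied from the General section of this report.
REPORT_HASHES = {
    "md5": "4d3d4414f246b7fa0d4922ec6e06b559",
    "sha1": "9eb11ce5da7abc93cf110f0e0e23f7b8b956b66b",
    "sha256": "f6273a742ceeeb2ede30e53b48a0ccad581b9b79047ae01952fbb4fb1212edc3",
}

IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # data directory slot for the Authenticode table
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def hash_matches(data: bytes) -> dict:
    """Compare a blob against every hash in REPORT_HASHES; True means the IOC matched."""
    return {algo: hashlib.new(algo, data).hexdigest() == h for algo, h in REPORT_HASHES.items()}


def security_directory(data: bytes) -> tuple:
    """Return (file_offset, size) of the Security data directory; raise ValueError for non-PE input."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    opt = e_lfanew + 24                      # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                       # PE32
        dd_off = opt + 96
    elif magic == 0x20B:                     # PE32+
        dd_off = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    num_rva = struct.unpack_from("<I", data, dd_off - 4)[0]   # NumberOfRvaAndSizes precedes the table
    if num_rva <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return (0, 0)
    return struct.unpack_from("<II", data, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)


def has_authenticode(data: bytes) -> bool:
    """True only if the Security directory points at an in-file WIN_CERTIFICATE of PKCS#7 type."""
    off, size = security_directory(data)
    if off == 0 or size < 8 or off + size > len(data):
        return False
    length, _revision, cert_type = struct.unpack_from("<IHH", data, off)
    return cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA and 8 <= length <= size


def triage(data: bytes) -> dict:
    """The two report checks in one call: IOC hash hits and the 'Unsigned PE' signature."""
    return {"hash_matches": hash_matches(data), "unsigned_pe": not has_authenticode(data)}


def build_minimal_pe(signed: bool) -> bytes:
    """Constructed test input: a sectionless PE32, optionally with a dummy Authenticode table appended."""
    header_size = 64 + 4 + 20 + 224           # DOS header + PE sig + COFF header + PE32 optional header
    cert_payload = b"\x30\x82\x00\x10" + b"\x00" * 16   # placeholder bytes, not a real PKCS#7 blob
    win_cert = struct.pack("<IHH", 8 + len(cert_payload), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + cert_payload
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)                     # e_lfanew = 64
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                                # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                                  # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, header_size, len(win_cert))
    image = dos + coff + bytes(opt)
    return image + (win_cert if signed else b"")


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print(triage(fh.read()))
    else:
        for label, flag in (("unsigned", False), ("signed", True)):
            print(label, triage(build_minimal_pe(flag)))
```

Run it with a path to the dumped image to get the hash verdicts and the unsigned flag together; without arguments it exercises the two constructed PEs. Because `security_directory` raises on anything that is not a PE, wrap the call if you point it at arbitrary dump files rather than carved images.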

Files

  • 2852-175-0x0000000003280000-0x00000000034C1000-memory.dmp
    .exe windows:5 windows x86 arch:x86