General

  • Target

    856-57-0x0000000000740000-0x0000000000999000-memory.dmp

  • Size

    2.3MB

  • MD5

    f67130eb0d29f6b85be5e4b6601e257c

  • SHA1

    7488677d5ab2950cd3c7bc40a85cf7c2454d0c39

  • SHA256

    e9a35cd301f7210192becd153941d6d99bfe7e86ef09f5fa9b1846bc69b93022

  • SHA512

    adc3a120c836569f9faa4eb04f410491f4acf7fcd7192a027b653bfa498458597084d295c2e5aaad1b0d9c77a0d940059ddc4c70d14bfc4a79269fb699f8b7ba

  • SSDEEP

    6144:rRAVy4AHXGTTCRNuwpfA7MyFmtKi8icOr1:rRAVycqfGBFmtK5iRR

Malware Config

Extracted

Family

vidar

Version

11.8

Botnet

93e4f2dec1428009f8bc755e83a21d1b

C2

https://t.me/fu4chmo

https://steamcommunity.com/profiles/76561199802540894

Attributes

  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6

Signatures

  • Detect Vidar Stealer 1 IoCs
  • Stealc family
  • Vidar family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
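    The "Unsigned PE" hit above is a structural check: it reports whether the PE optional header's certificate table entry (IMAGE_DIRECTORY_ENTRY_SECURITY, data directory index 4) is empty. The following script is an added example written for this page, not part of the sandbox's own ruleset; it parses the DOS, COFF and optional headers directly, supports both PE32 and PE32+, and returns the certificate table's (offset, size) pair. The header-only image built by build_minimal_pe32 is constructed test data, not the dump listed above.

```python
"""Check a PE image for an Authenticode certificate table (IMAGE_DIRECTORY_ENTRY_SECURITY).

Added example: reproduces the "missing Authenticode signature" check structurally.
It does NOT validate the signature; a non-empty table only means a PKCS#7 blob is
referenced, and verification needs a proper Authenticode implementation.
"""
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B


def security_directory(pe: bytes) -> tuple[int, int]:
    """Return (file offset, size) of the certificate table, or (0, 0) if absent.

    Note the certificate table entry holds a raw file offset, not an RVA, so in a
    memory dump the referenced bytes are usually not present even when the entry is set.
    """
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE\\0\\0 signature")
    coff = e_lfanew + 4
    size_of_optional = struct.unpack_from("<H", pe, coff + 16)[0]  # COFF.SizeOfOptionalHeader
    opt = coff + 20                                                # COFF header is 20 bytes
    magic = struct.unpack_from("<H", pe, opt)[0]
    # NumberOfRvaAndSizes and the DataDirectory array sit at different offsets in PE32 vs PE32+.
    if magic == PE32_MAGIC:
        num_dirs_off, dirs_off = opt + 92, opt + 96
    elif magic == PE32PLUS_MAGIC:
        num_dirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    num_dirs = struct.unpack_from("<I", pe, num_dirs_off)[0]
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return (0, 0)  # header declares fewer directories than needed: no security entry
    entry = dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if entry + 8 > opt + size_of_optional or entry + 8 > len(pe):
        return (0, 0)  # truncated or malformed optional header
    off, size = struct.unpack_from("<II", pe, entry)
    return (off, size)


def is_unsigned(pe: bytes) -> bool:
    """True when the image carries no certificate table at all (the sandbox's 'Unsigned PE')."""
    off, size = security_directory(pe)
    return off == 0 or size == 0


def build_minimal_pe32(cert_offset: int = 0, cert_size: int = 0) -> bytes:
    """Construct a header-only PE32 image for testing (constructed data, not a real sample)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                     # e_lfanew -> right after DOS header
    # Machine=i386, 0 sections, SizeOfOptionalHeader=0xE0 (standard PE32), EXECUTABLE_IMAGE|32BIT
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)                         # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, cert_offset, cert_size)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    # Usage: python unsigned_pe.py <file.exe|memory.dmp>
    with open(sys.argv[1], "rb") as fh:
        data = fh.read()
    off, size = security_directory(data)
    print("unsigned" if is_unsigned(data) else f"certificate table at {off:#x}, {size} bytes")
```

    Two caveats for a dumped image like the one above: the check says nothing about whether any referenced signature is valid or whether the signer is trusted, and a region carved from process memory may have had its headers altered by the unpacker, so an empty entry here is an indicator, not proof that the original file on disk was unsigned.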

Files

  • 856-57-0x0000000000740000-0x0000000000999000-memory.dmp
    .exe windows:5 windows x86 arch:x86
    Headers

    Sections