vidar | 2388-140-0x00000000008A0000-0x0000000000AF9000-memory[.]dmp

General

Target

2388-140-0x00000000008A0000-0x0000000000AF9000-memory.dmp
Size

2.3MB
MD5

c4fdf76b6c1f4c1f999a0d7e3987e61b
SHA1

2b3d4eeb2f622cb536fec7ed4760419a86bd9f56
SHA256

99c5d8508ea7a666a22c0dc14e6f75deeee51af344bda5813d848c76f739bb56
SHA512

43fcde76d58c46cd2860cf5996cb2bda7fad981d8d29e1c3edc91d84226804f9fa836fa6ad13b6a98cf7899e862a845f1caa6d8293c2955be983105149dcd4a3
SSDEEP

6144:b5CDwoe7H/Y7PYfVLzZAfKaAjc8O+Err:b5CDwpLZudAjvOd/

Score

10^/10

Family

vidar

Version

11.8

Botnet

41d35cbb974bc2d1287dcd4381b4a2a8

C2

https://t.me/fu4chmo

https://steamcommunity.com/profiles/76561199802540894

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6

Detect Vidar Stealer 1 IoCs

stealer

resource	yara_rule
sample	family_vidar_v7

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2388-140-0x00000000008A0000-0x0000000000AF9000-memory.dmp