vidar | 4308-6-0x0000000000400000-0x0000000000700000-memory[.]dmp

General

Target

4308-6-0x0000000000400000-0x0000000000700000-memory.dmp
Size

3.0MB
MD5

46b4bb5e257a9b622221cf97d7c635fa
SHA1

a5b9f32453f3b7898d70d77740275329db58dfd7
SHA256

4a404a670aed2616b140460cc7acf7ac6e0cb9ed2bcb617c6b7de7e45f320cdf
SHA512

d9c38b483275d34e257224d2823e08c70bb51f031cc860f9108f47d194fc8fa227c0f5ccb97582c01db4c90fdd975a6c0394fa42ec7a65f97778e27f9bd90415
SSDEEP

24576:Key05nEQXObrpEwMGNL/geFyNcTN+jv75TQn652VBuNyb6:xLZ+b1ELGJtF4ch+jvNm0Nyb6

Score

10^/10

Family

vidar

Version

11.4

Botnet

7c37934964656ffad71319cfd3f70c69

C2

https://t.me/asg7rd

https://steamcommunity.com/profiles/76561199794498376

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6

Detect Vidar Stealer 1 IoCs

stealer

resource	yara_rule
sample	family_vidar_v7

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4308-6-0x0000000000400000-0x0000000000700000-memory.dmp