General

  • Target

    QAOTATION.jar

  • Size

    399KB

  • Sample

    200819-xxtxd8vera

  • MD5

    be666fddf4e70621ec1a8fe19348bbc3

  • SHA1

    132069951f67e7bd94cfce57a137b9f82ead15ad

  • SHA256

    3b7e009a2ca84ce2834f422390a85515b80034e4227c05e7522b274e862c7924

  • SHA512

    0ef5796a8bb0913389fefc4c940bd0200189d1227071e6a5a400c55925ee396722fa6107f91f618c9799e339a231ab43a7189378388f0551e2064d2eb9ff62fb

Malware Config

Targets

    • Target

      QAOTATION.jar

    • Size

      399KB

    • MD5

      be666fddf4e70621ec1a8fe19348bbc3

    • SHA1

      132069951f67e7bd94cfce57a137b9f82ead15ad

    • SHA256

      3b7e009a2ca84ce2834f422390a85515b80034e4227c05e7522b274e862c7924

    • SHA512

      0ef5796a8bb0913389fefc4c940bd0200189d1227071e6a5a400c55925ee396722fa6107f91f618c9799e339a231ab43a7189378388f0551e2064d2eb9ff62fb

    • Modifies Windows Defender Real-time Protection settings

    • QarallaxRAT

      Qarallax is a RAT developed by Quaverse and sold as RaaS (RAT as a Service).

    • Qarallax RAT support DLL

    • Sets file execution options in registry

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.