Resubmissions

17-06-2021 13:06

210617-e9xpw8561s 10

14-06-2021 16:02

210614-ntxhahdk2n 10

General

  • Target

    DOCUMENT.EXE

  • Size

    1.1MB

  • Sample

    210614-ntxhahdk2n

  • MD5

    53964b6a40bfe2b10d36ba5e3d52966a

  • SHA1

    b459111cfb08fb42238e8421583cea226226e769

  • SHA256

    4dcc4adaa8c709d9db205c7267ec6da26930c0420aa54a77fed6217a9e6fdb98

  • SHA512

    03847f73a33a43bf84666db4a70167506d17b567f404098fd5237b704d30d1b35d7d50d2812a1f5c1b735bf13b915a448e3be9f8af9c3cc253f8ae6eacc3fea8

Score
10/10

Malware Config

Targets

    • Target

      DOCUMENT.EXE

    • Size

      1.1MB

    • MD5

      53964b6a40bfe2b10d36ba5e3d52966a

    • SHA1

      b459111cfb08fb42238e8421583cea226226e769

    • SHA256

      4dcc4adaa8c709d9db205c7267ec6da26930c0420aa54a77fed6217a9e6fdb98

    • SHA512

      03847f73a33a43bf84666db4a70167506d17b567f404098fd5237b704d30d1b35d7d50d2812a1f5c1b735bf13b915a448e3be9f8af9c3cc253f8ae6eacc3fea8

    Score
    10/10
    • Quasar Payload

    • Quasar RAT

      Quasar is an open source Remote Access Tool.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks