Resubmissions

23-07-2021 10:14

210723-tke37qc4wx 10

24-06-2021 13:06

210624-tmff1at666 10

General

  • Target

    439e49a4df2f4bcc359283d02f612e98

  • Size

    527KB

  • MD5

    439e49a4df2f4bcc359283d02f612e98

  • SHA1

    bf6e8632bedeb80e72f664e2d4ca8b260a77115d

  • SHA256

    a792be03af23fe52b708d22df6cadeb3374bb5500416a862eee57ea56db20fd5

  • SHA512

    4d1fd328d45b67ce5a8acb91fe25cbc6e4b6bc252ef95e94cb43ae3264f83f77d0e66cff16fbe8b40a2ac063c8b95758dd6969001a1d56a7e4f96ca3a786c992

Score
10/10

Malware Config

Extracted

  • Family

    quasar

  • Version

    1.4.0

  • Botnet

    Office04

  • C2

    45.77.20.114:1604

  • Mutex

    39083318-6c39-4d8c-beda-fd48beb29cc9

Attributes
  • encryption_key

    7E1D5BE8A11725FE11CAC5785F9684E24960D4AC

  • install_name

    Media.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Media

  • subdirectory

    SubDir

Signatures

  • Quasar Payload 1 IoCs
  • Quasar family

Files

  • 439e49a4df2f4bcc359283d02f612e98
    .exe windows x86