General

  • Target

    MAGICD_1.exe.vir

  • Size

    12.8MB

  • MD5

    ae6fe2df78169ded8716bb674c717f63

  • SHA1

    2766c35c6959da709609f64a3dc1a0154ec2ef5e

  • SHA256

    74aee30ce1fd2e305307be59aa6b15b8a33854af361242547826f3b77a6bb169

  • SHA512

    ca89706908eb7be6f1f3ce4987d1a3718d05b17c09724e849a272d55492ca5ec80e2d9f89b5cc60bebc5e1883be428f890ea062abd7c97585ee0277917007b69

  • SSDEEP

    393216:Hkp1KhW9c5hlERV5RFJzFcguYtN3ZW7FNBQxLd:H81XEhkVhZtN3+FNBu

Malware Config

Extracted

Family

quasar

Attributes
  • reconnect_delay

    3000

Signatures

  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • Quasar Payload (1 IoC)
  • Quasar family
  • RedLine Payload (1 IoC)
  • Redline family
  • Detects Pyinstaller (1 IoC)

Files

  • MAGICD_1.exe.vir
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

