General
-
Target
A83B168B629212E96AC8EF12ADB96D9241A16C0F33A45.exe
-
Size
7.8MB
-
MD5
f32a5cdef458cf233840a9c630cc40a2
-
SHA1
5d116e407532c60f9a5fd7e923ca1e074eab8a74
-
SHA256
a83b168b629212e96ac8ef12adb96d9241a16c0f33a459777e31a5b1b458282e
-
SHA512
b97248664a14cee3d9edbe1bbcb04e149e7dc3c546e6137d39b536145a903c96f3be8d2aeb978be324a4fdda66fb9cc0f6cee0f83d7f3b97bbad55a5c5b9d2ee
-
SSDEEP
196608:EbeuqtfLqAor54J5q1FYU0/NsgXhliicCGOpiMqNzWyg:EaDGfuW1FYv2LicCGOr
Score
10/10
Malware Config
Extracted
Family
quasar
Attributes
-
reconnect_delay
3000
Signatures
-
Contains code to disable Windows Defender 1 IoCs
A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
-
Quasar Payload 1 IoCs
-
Quasar family
-
RedLine Payload 1 IoCs
-
Redline family
-
Detects Pyinstaller 1 IoCs
Files
-
A83B168B629212E96AC8EF12ADB96D9241A16C0F33A45.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections