Resubmissions

13/02/2023, 05:37

230213-gbnydsae5t 10

13/02/2023, 05:34

230213-f9gfjaae4s 10

General

  • Target

    Client-built.exe

  • Size

    502KB

  • MD5

    5237b93d2d17acaf7a267b15fc0ccbe1

  • SHA1

    6043203d6b444e2a5b7fe987b174de399e86506f

  • SHA256

    84c3dc415b33a603a95326c1fc0334642c9be314c47479012edacb6c1fbf278a

  • SHA512

    9db8957bef2cf0ec1b623d5f51508d807224ad4e52d928e6d73cdbef15cdcaecdacf2230f0472156a9ddc80a5ae6c4203e705e4e11b29dfd767a70b4ccaf313e

  • SSDEEP

    6144:YTEgdc0YlXAGbgiIN2RSBV9icQn1Q1bTCecEcib8F9SU5kxm1VCbcTR3W:YTEgdfY5bgJrBCeMFXSmYbcdW

Score
10/10

Malware Config

Extracted

Family

quasar

Version

1.4.0

Botnet

build

C2

license-boolean.at.ply.gg:29998

Mutex

d997b199-e165-4e11-9fc8-9f99cc4eda57

Attributes
  • encryption_key

    C801F4FDAF210ACC5EE3523E76B50F0FB67C2020

  • install_name

    build.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    windows update

  • subdirectory

    build

Signatures

  • Quasar family
  • Quasar payload (1 IoC)

Files

  • Client-built.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

