Overview

overview

10

Static

static

10

2620-219-0...ry.exe

windows7-x64

2620-219-0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2620-219-0x0000000000400000-0x000000000045E000-memory.dmp

  • Size

    376KB

  • Sample

    230309-kkbafaad5v

  • MD5

    efe44f5f76070e08a018530527b30a01

  • SHA1

    662f35740590570bdc3964f007e46c2ec080c770

  • SHA256

    e2951af476b84151ef5fe5b4a35f3fffab06215acaa03e7b6605acaf13082f90

  • SHA512

    0c3c0357042353ad77ff414ecbfb7f0ef26b42c7b97a01d28f3d3a50cce7d20e81c63f1b4a7b02b708d630fef504d30489c632bd2bc590d0cbebba3781c3abf1

  • SSDEEP

    6144:ld6bPXhLApfpioGg8b1TEaU0Bb2ul9ec8tFOJtDLD+Dp0:3mhAp9B8JEaJEjc/LqDp0

Score
10/10
quasarsuccess

Malware Config

Extracted

Family

quasar

Version

1.3.0.0

Botnet

SUCCESS

C2

41.185.97.216:4782

Mutex

MUTEX_QAxMFzrXWG2cbIHPGK

Attributes
  • encryption_key

    4DwUV8AnxPgmXSMeThKb

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    cmd

  • subdirectory

    SubDir

Targets

    • Target

      2620-219-0x0000000000400000-0x000000000045E000-memory.dmp

    • Size

      376KB

    • MD5

      efe44f5f76070e08a018530527b30a01

    • SHA1

      662f35740590570bdc3964f007e46c2ec080c770

    • SHA256

      e2951af476b84151ef5fe5b4a35f3fffab06215acaa03e7b6605acaf13082f90

    • SHA512

      0c3c0357042353ad77ff414ecbfb7f0ef26b42c7b97a01d28f3d3a50cce7d20e81c63f1b4a7b02b708d630fef504d30489c632bd2bc590d0cbebba3781c3abf1

    • SSDEEP

      6144:ld6bPXhLApfpioGg8b1TEaU0Bb2ul9ec8tFOJtDLD+Dp0:3mhAp9B8JEaJEjc/LqDp0

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks