QuasarCertificate[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

QuasarCertificate.exe
Size

642KB
MD5

cb629826288efa3d7a2da174ffe29ee5
SHA1

cdec0d4d7374871dbde4fecfdd17b78230ff6f66
SHA256

83a7be8b495e6279baff71d418bd0dc22631f30b6589e62d6f4f7ea10a110f39
SHA512

ac3118ef9573e21e65e9b48cbb04058f9ea810447c7885cdcfa080b12198319526af053a41eff1edf7211d2ac2d370a800eec6b10f7e5c5b49da01dd0e42287d
SSDEEP

12288:dOCNeDU1aflsDkUsNmlzNpCz6M9Uw1Ozva5jRZJUz2oiCNoaqd:dOCNetckFAp4fjHCaoYaU

Score

1^/10

Malware Config

Signatures

Files

QuasarCertificate.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 608KB - Virtual size: 607KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ