Overview

overview

10

Static

static

10

3516-173-0...ry.exe

windows7-x64

3516-173-0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3516-173-0x0000000000400000-0x0000000000510000-memory.dmp

  • Size

    1.1MB

  • Sample

    230519-dhfzkseh57

  • MD5

    a30c1f55b3f0f0b47a61f81e7436527b

  • SHA1

    68320cb5a032740a664c956bf9aae5ba001e10fe

  • SHA256

    080d9530a134ef3224585de118af9d62bf09e9e5f25f221829e2606817425c61

  • SHA512

    91f34b477782e60b4853151da193c8c8fa4f2f052547afe1a729b76c6abc64730ac4f134d9457bf87a8da8e6a3ba8e845c2026f116eb75593f531b4bd9f1f3c9

  • SSDEEP

    12288:Zk2ftY5kMJDyGouUqg75HVDBvduzTYTTuzikbSNDC/Nplg36up5cd7Ubl:Z/Y5kMJDyGouUqg75HVDBvdcXNplkTl

Score
10/10
quasarop23

Malware Config

Extracted

Family

quasar

Version

2.7.0.0

Botnet

OP23

C2

vhf.sytes.net:4783

15.235.109.170:4782
Mutex

2vrOj8wCud9msk5z8w

Attributes
  • encryption_key

    ywxbR3BS4B6Rtb7nv9vB

  • install_name

    Venom.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Venom Client Startup

Targets

    • Target

      3516-173-0x0000000000400000-0x0000000000510000-memory.dmp

    • Size

      1.1MB

    • MD5

      a30c1f55b3f0f0b47a61f81e7436527b

    • SHA1

      68320cb5a032740a664c956bf9aae5ba001e10fe

    • SHA256

      080d9530a134ef3224585de118af9d62bf09e9e5f25f221829e2606817425c61

    • SHA512

      91f34b477782e60b4853151da193c8c8fa4f2f052547afe1a729b76c6abc64730ac4f134d9457bf87a8da8e6a3ba8e845c2026f116eb75593f531b4bd9f1f3c9

    • SSDEEP

      12288:Zk2ftY5kMJDyGouUqg75HVDBvduzTYTTuzikbSNDC/Nplg36up5cd7Ubl:Z/Y5kMJDyGouUqg75HVDBvdcXNplkTl

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks