Overview

overview

10

Static

static

10

1236-58-0x...ry.exe

windows7-x64

1236-58-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1236-58-0x0000000000400000-0x000000000045E000-memory.dmp

  • Size

    376KB

  • Sample

    230614-eyhnsadb4v

  • MD5

    6a413dbb04d3a84e38721eb24d1098b3

  • SHA1

    067b78d981ad7eea6f708e168b9d1749af1361e8

  • SHA256

    7ebb77f7f3e6597d0a12b120fafe34cf9ad15fcc0357c63da78a49befe65358a

  • SHA512

    8ba5fac95cfd0583b99b70e021ba6f9235fd32c6e1255e53bd68be1729b820695216a4c2ffdb5a2344bb39b2301011575131e867776b7cec94270b473e545510

  • SSDEEP

    6144:Imwb/c2L0t3lNtfvAbh/6RgWnpbCbxfovZ53I3jm:nH2Lut36tWnpWbx2Iq

Score
10/10
quasar202

Malware Config

Extracted

Family

quasar

Version

1.3.0.0

Botnet

202

C2

windows10-11.ddnsfree.com:5552

windows10-11.ddns.net:5552
Mutex

QSR_MUTEX_boxEKxe8a0LoR2kBL1

Attributes
  • encryption_key

    KuJ4t6tq6AQ5l33A3aYj

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir

Targets

    • Target

      1236-58-0x0000000000400000-0x000000000045E000-memory.dmp

    • Size

      376KB

    • MD5

      6a413dbb04d3a84e38721eb24d1098b3

    • SHA1

      067b78d981ad7eea6f708e168b9d1749af1361e8

    • SHA256

      7ebb77f7f3e6597d0a12b120fafe34cf9ad15fcc0357c63da78a49befe65358a

    • SHA512

      8ba5fac95cfd0583b99b70e021ba6f9235fd32c6e1255e53bd68be1729b820695216a4c2ffdb5a2344bb39b2301011575131e867776b7cec94270b473e545510

    • SSDEEP

      6144:Imwb/c2L0t3lNtfvAbh/6RgWnpbCbxfovZ53I3jm:nH2Lut36tWnpWbx2Iq

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks