General

  • Target

    2700-191-0x0000000000400000-0x000000000045E000-memory.dmp

  • Size

    376KB

  • Sample

    230801-twhckahe67

  • MD5

    936f795210fc7a683a76020638dc7a74

  • SHA1

    fd17e4b085ea8fe4c848231d7a2d60c36b83a3ff

  • SHA256

    fc6fe0d87a7dc47496e299a65fa2cecbb684f2123897316ae541bfc809ca136f

  • SHA512

    40bfa5e1a958475413950764bd60ff32813f230b745a49cf3141d77016a4ab769a880b55b7e86c04ec757cfb6b7d39e6c4c04b2c63db9c599bd788d049ead363

  • SSDEEP

    6144:yKhJ10FpSizcN9QbLc0kH7B229vyK7Y3MQirbTIvFj+kQfEcUmT40:yK31qK7Y8QizItHQccUmc0

Score
10/10

Malware Config

Extracted

Family

quasar

Version

1.3.0.0

Botnet

-

C2

94.131.105.161:12344

Mutex

QSR_MUTEX_UEgITWnMKnRP3EZFzK

Attributes
  • encryption_key

    5Q0JQBQQfAUHRJTcAIOF

  • install_name

    lient.exe

  • log_directory

    Lugs

  • reconnect_delay

    3000

  • startup_key

    itartup

  • subdirectory

    SubDir

Targets

    • Target

      2700-191-0x0000000000400000-0x000000000045E000-memory.dmp

    • Size

      376KB

    • MD5

      936f795210fc7a683a76020638dc7a74

    • SHA1

      fd17e4b085ea8fe4c848231d7a2d60c36b83a3ff

    • SHA256

      fc6fe0d87a7dc47496e299a65fa2cecbb684f2123897316ae541bfc809ca136f

    • SHA512

      40bfa5e1a958475413950764bd60ff32813f230b745a49cf3141d77016a4ab769a880b55b7e86c04ec757cfb6b7d39e6c4c04b2c63db9c599bd788d049ead363

    • SSDEEP

      6144:yKhJ10FpSizcN9QbLc0kH7B229vyK7Y3MQirbTIvFj+kQfEcUmT40:yK31qK7Y8QizItHQccUmc0

    Score
    1/10

MITRE ATT&CK Matrix

Tasks