General
-
Target
vcac.exe
-
Size
41.6MB
-
MD5
0fb2af6afdbdaf9206a5505264f0bf71
-
SHA1
2a6a04694b83ac2d4d0c207951fc838072804b6a
-
SHA256
65af8761b34d50026541f9607547c27fb40af28dabbe3f705fe69b551faf8496
-
SHA512
f5edebf5a9d4d0d4e5c11285febace0c65cf998573267da4016af563920de76f970b41661e2888de06cae737b56bc31a19c7f588993fc3e16828cb99c96ef7d7
-
SSDEEP
393216:Q/joxiIE7YoPQtsTTp7Lk3meBcGfd0vYM2krlFk1mX1eq44:Ijoe7rPQts/RLaT5F0vYvXFg
Score
10/10
Malware Config
Extracted
Family
quasar
Attributes
-
reconnect_delay
1
Signatures
-
An infostealer written in Python and packaged with PyInstaller. 1 IoCs
-
Crealstealer family
-
Quasar family
-
Quasar payload 1 IoCs
-
Detects Pyinstaller 1 IoCs
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
vcac.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
Creal.pyc