Resubmissions

23/10/2023, 17:45

231023-wbtafade55 10

23/10/2023, 17:36

231023-v6x2fadd42 10

General

  • Target

    DiscordPTB.exe

  • Size

    3.1MB

  • MD5

    ebe6c379abc17d44596c7edadea00708

  • SHA1

    d7206328d949e6c52c6ffbda67da9d58daeddbbb

  • SHA256

    e8cef070f8fb43fde27ed860c68800dada31c25435cef43db0eb42f19eb33a19

  • SHA512

    3b8bb6e1622a33680589fbccbab035c5226e47708385fff5a71d5ba5d078601c6e870a0f20eb6771254e836af4e7aaee100722ef7fb536f3b12a5f3a5dd4fd9b

  • SSDEEP

    49152:rv6lL26AaNeWgPhlmVqvMQ7XSKmMOJ8lZkoGd6CTHHB72eh2NT:rviL26AaNeWgPhlmVqkQ7XSKmZJ8lS

Score
10/10

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

LOL

C2

109.99.113.208:4782

Mutex

c783d80f-88e8-4c9b-ac51-1a1d340aa644

Attributes
  • encryption_key

    DBC2D9FD17755A82110636443EC632DC87944EA7

  • install_name

    DiscordPTB.exe

  • log_directory

    HEHE

  • reconnect_delay

    1000

  • startup_key

    Discord - https://discord.com/download

  • subdirectory

    discordptb

Signatures

  • Quasar family
  • Quasar payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • DiscordPTB.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

