Resubmissions

11/01/2024, 07:19

240111-h5tamsbegp 10

11/01/2024, 07:06

240111-hxgxmscbf8 10

General

  • Target

    Build.exe

  • Size

    3.1MB

  • MD5

    0ce7316a1ec5e45796363c3473b26150

  • SHA1

    50592355b4051362e816077c0e1068aa73cfb055

  • SHA256

    b704b314c5407ef7edd966ac5482e63d960fd2829993039f2cfa9056ec70fc3f

  • SHA512

    c23c8b477dbc52eced549719afe835f2cc846b1471803ad01f850f3d3a5a3a886b2707d986d0c7f0ecfee5d46b07b0125b441225a06ac2c2f302fe0693b6bc63

  • SSDEEP

    49152:/vRI22SsaNYfdPBldt698dBcjHS4R16jbR3yoGdpTHHB72eh2NT:/vC22SsaNYfdPBldt6+dBcjHS4R16M

Score
10/10

Malware Config

Extracted

  • Family

    quasar

  • Version

    1.4.1

  • Botnet

    DiscordSlave

  • C2

    72.195.133.104:4782

  • Mutex

    8c13242e-0f29-456d-a30d-b36e0d420f2b

Attributes
  • encryption_key

    BBBBAB0EF880986E6604DE8A016942176B219D36

  • install_name

    Discord.exe

  • log_directory

    Temp

  • reconnect_delay

    10

  • startup_key

    MicroSoftWeb2View

  • subdirectory

    Web

Signatures

  • Quasar family
  • Quasar payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Build.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

