Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

38420217fd1f953a.js

windows7-x64

10

38420217fd1f953a.js

windows10-2004-x64

1

Resubmissions

23/01/2024, 01:02

240123-bdxqesfbe6 1

23/01/2024, 01:01

240123-bddmjsedhm 1

23/01/2024, 00:58

240123-bbx86sedgm 1

20/01/2024, 00:18

240120-almpragbdr 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    38420217fd1f953a

  • Size

    5KB

  • Sample

    240120-almpragbdr

  • MD5

    76b19bfd24c7645fc24bfdf8a024192f

  • SHA1

    7ef5b3f6c9449074600cf53e2f320411e1a38576

  • SHA256

    84c478a406ff2df2efce83fc347544599663fc0425e4e75705da375fdc347d8d

  • SHA512

    a5980f4f818978fc5ef28bce8008af6aed3563efe79ff8803cdf5de4a67bc1a95ff3c95170c9ee568b40905315e7cf6eeb9699fe2914a8f0c41a7c0062f47a0a

  • SSDEEP

    96:31nxzqZh4rmvKFKB/R6X3bFw/6G4sYiSTh0lmd:3HzqZhTvKF2RwghE3d

Score
10/10
quasaroffice04spywaretrojan

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

192.168.56.1:4782

Mutex

c1ceedd2-f318-4590-9c53-8ee88c52f38a

Attributes
  • encryption_key

    88EB4DDC3FB28980515A85CC2115A91AE05BD421

  • install_name

    Betterurself.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Windows

  • subdirectory

    SubDir

Targets

    • Target

      38420217fd1f953a

    • Size

      5KB

    • MD5

      76b19bfd24c7645fc24bfdf8a024192f

    • SHA1

      7ef5b3f6c9449074600cf53e2f320411e1a38576

    • SHA256

      84c478a406ff2df2efce83fc347544599663fc0425e4e75705da375fdc347d8d

    • SHA512

      a5980f4f818978fc5ef28bce8008af6aed3563efe79ff8803cdf5de4a67bc1a95ff3c95170c9ee568b40905315e7cf6eeb9699fe2914a8f0c41a7c0062f47a0a

    • SSDEEP

      96:31nxzqZh4rmvKFKB/R6X3bFw/6G4sYiSTh0lmd:3HzqZhTvKF2RwghE3d

    Score
    10/10
    quasaroffice04spywaretrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks