add
Behavioral task
behavioral1
Sample
74fcd174f738978c6e31a779dc5035f2.dll
Resource
win7-20231215-en
General
-
Target
74fcd174f738978c6e31a779dc5035f2
-
Size
7.1MB
-
MD5
74fcd174f738978c6e31a779dc5035f2
-
SHA1
c584d596120582f1377c851cc3574d188c6193e7
-
SHA256
1517ce5a10f03310544083fbf98c09df08c64e4bec942ce63c49b0a5d29ed0f0
-
SHA512
2ad632849d5cb8a34234c57c6afd307326767dddb8b3d73cd323fec74cb04b55e40ee4027eb565e53acf0bd128990548d2fa4a88d115ad7f16487907893d9f8c
-
SSDEEP
98304:B8QTNqN1e6VzNL4WeKlpReiGWcQvz4wU6v8iXriR4lJW4JtJMn3deGQLK5bFcAHx:B8QTNqN1zzyGHvzgIMqWY/MntiwbFF
Malware Config
Signatures
-
Quasar family
-
Quasar payload 1 IoCs
resource yara_rule sample family_quasar -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 74fcd174f738978c6e31a779dc5035f2
Files
-
74fcd174f738978c6e31a779dc5035f2.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Exports
Exports
Sections
.text Size: 7.1MB - Virtual size: 7.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 68B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ