General

  • Target

    f4a6261e73362aa79839724e5e5ac16c

  • Size

    2.0MB

  • MD5

    f4a6261e73362aa79839724e5e5ac16c

  • SHA1

    274257ebb7a5d42b4eced5fa2ab84225258dbc06

  • SHA256

    a47c47929456c062fbee77807051a224910b2218a9e0fe808dae74e5a955c9ef

  • SHA512

    d445560fd8276e8d0b45d6c86919a9f0eba1c62833ec432fe3e42b362a5a0113441287beb7e8182bd9d5d6ac0a2f8a7404bc1f168b43b49a98e04f7ee6eefa34

  • SSDEEP

    24576:su6J33O0c+JY5UZ+XC0kGso6FaI1IXgM6YmenKKSUlmDaGJTA4Pqa6jUvOkQwKYJ:2u0c++OCvkGs9Fap5aLKLkDl+dUvO9Yz

Score
10/10

Malware Config

Signatures

  • Detects Windows executables referencing non-Windows User-Agents 1 IoCs
  • Detects executables containing common artifacts observed in infostealers 1 IoCs
  • Quasar family
  • Quasar payload 1 IoCs
  • AutoIT Executable 1 IoCs

    AutoIT scripts compiled to PE executables.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f4a6261e73362aa79839724e5e5ac16c
    .exe windows:5 windows x86 arch:x86

    eb97e4fc5518ac300a92a11673825e0b

