General

  • Target

    0d4194e0e762d4279f7d77d239c90ed4

  • Size

    2.0MB

  • MD5

    0d4194e0e762d4279f7d77d239c90ed4

  • SHA1

    f4020a04d3dd291db919695e67664d9e84157cff

  • SHA256

    2554202bd5f4271e8f7b41d687536ccd297c618a29e957331fc59dcfa80f9350

  • SHA512

    9bd68943b358241c09c32db7ab73e35d7740fbb5110b902b25d9565ea16694bfaaaa4c5b07e4c288667c7651d3abb0570ba3d76faeccb39e291b3d900c943384

  • SSDEEP

    24576:su6J33O0c+JY5UZ+XC0kGso6FaI1IXgM6YmenKKSUlmDaGJTA4Pqa6jUvOkQwKYm:2u0c++OCvkGs9Fap5aLKLkDl+dUvO9YY

Score
10/10

Malware Config

Signatures

  • Detects Windows executables referencing non-Windows User-Agents (1 IoCs)
  • Detects executables containing common artifacts observed in infostealers (1 IoCs)
  • Quasar family
  • Quasar payload (1 IoCs)
  • AutoIT Executable (1 IoCs)

    AutoIT scripts compiled to PE executables.

  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • 0d4194e0e762d4279f7d77d239c90ed4
    .exe windows:5 windows x86 arch:x86

    eb97e4fc5518ac300a92a11673825e0b

