Resubmissions

10/03/2024, 07:22

240310-h7kfhsfc26 10

10/03/2024, 07:19

240310-h5n1xsfb69 10

General

  • Target

    5040-177-0x0000000000500000-0x0000000000584000-memory.dmp

  • Size

    528KB

  • Sample

    240310-h7kfhsfc26

  • MD5

    56bd6eea660379013cdba34805cff09c

  • SHA1

    e4ddf5be04f90dc94d58290b8db4c2115403f939

  • SHA256

    27042c7072c32865dab568ecba26cf60e043e946f89c33b090b55533ab791fa0

  • SHA512

    1aa60f1de5b1931d4c3797711f25fca003835638d97eacb50ebe48da791dc7fc416bdbd7fa2cabff57daa964e6e17c75534b57e1505d294b335f04e310936046

  • SSDEEP

    6144:sTEgdc0YdebGbXOsA6j1RdhAN3CFWdq6jFmvXvcEDOb8F9zVYnzlciwdcTR3a:sTEgdfYVA6S5+zpFVYnrwdcda

  • Score

    10/10

Malware Config

Extracted

Family

quasar

Version

1.4.0

Botnet

hplus20230325

C2

103.136.199.131:4782

158.247.227.231:4782

Mutex

17eb206f-a56e-4361-a18e-7ca16f3b99cc

Attributes

  • encryption_key

    3E9E141AD83C5BD6CE91880C0E256E15401EC674

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Google Chrome Updater

  • subdirectory

    SubDir

Targets

    • Target

      5040-177-0x0000000000500000-0x0000000000584000-memory.dmp

    • Size

      528KB

    • MD5

      56bd6eea660379013cdba34805cff09c

    • SHA1

      e4ddf5be04f90dc94d58290b8db4c2115403f939

    • SHA256

      27042c7072c32865dab568ecba26cf60e043e946f89c33b090b55533ab791fa0

    • SHA512

      1aa60f1de5b1931d4c3797711f25fca003835638d97eacb50ebe48da791dc7fc416bdbd7fa2cabff57daa964e6e17c75534b57e1505d294b335f04e310936046

    • SSDEEP

      6144:sTEgdc0YdebGbXOsA6j1RdhAN3CFWdq6jFmvXvcEDOb8F9zVYnzlciwdcTR3a:sTEgdfYVA6S5+zpFVYnrwdcda

    • Score

      1/10
