General

  • Target

    c4ce370872ed6186d6a00aabb37e59936ea264bd5ee7e61bc366aa5fbbfc8cf4

  • Size

    3.2MB

  • MD5

    5d04c84add433ddf601ff9de6862d9bf

  • SHA1

    32e33e2ed46bff117148f21f038b98b462a8fca6

  • SHA256

    c4ce370872ed6186d6a00aabb37e59936ea264bd5ee7e61bc366aa5fbbfc8cf4

  • SHA512

    4fd86b27d75e06900b2b06c772fb3ba1236e39d4c99bf07b21c9fb5545dcd1554e7dc476faf7a5e4e94063d9cb9a8365286a4c553ebc1cddca39580b285be9a0

  • SSDEEP

    49152:QvBt62XlaSFNWPjljiFa2RoUYIJIRJ6MbR3LoGd4CTHHB72eh2NT:Qvr62XlaSFNWPjljiFXRoUYIJIRJ6WI

Score
10/10

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

paras

C2

myhost567098.ddns.net:4782

Mutex

ed3740ef-5b56-4c1b-b8e8-4869a98d9df2

Attributes
  • encryption_key

    DF1B77D370240560AD7587D3FEFAC938EF88DB93

  • install_name

    gta 6.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    gta update

  • subdirectory

    game

Signatures

  • Quasar family
  • Quasar payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • c4ce370872ed6186d6a00aabb37e59936ea264bd5ee7e61bc366aa5fbbfc8cf4
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744