Analysis

  • max time kernel
    357s
  • max time network
    361s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    15/03/2024, 04:54

General

  • Target

    Quasar v1.4.1/3rdPartyLicenses/BouncyCastle_license.html

  • Size

    1KB

  • MD5

    bf8d5a737e70dd3493a475b8672f14df

  • SHA1

    01d35be1b65293f7ca43ee1045424599923ab54a

  • SHA256

    6b73c0a42d138d1f05b527c7b936e79af9f44a55d52e35f912da15c0dea43d30

  • SHA512

    ecc23ef88b80944ed135233118db167bf5dc161b0392af25ae846010f9993673bbdb62f88bf6de24dc060a48a0cfe96be261d30f5dac2705ed0f01d987fe24b8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Quasar v1.4.1\3rdPartyLicenses\BouncyCastle_license.html"
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3036
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3036 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2608

Network

MITRE ATT&CK Enterprise v15

Downloads
