General
-
Target
vanta_cheats.exe
-
Size
3.1MB
-
Sample
240316-vp2y3afc3s
-
MD5
c54044566c3352b28327ddc294695ab5
-
SHA1
a89732e18c53ef1659a898b6fac49c24294b6c14
-
SHA256
8d0e093031c670b3ee069bbecc4960d21cbb87f26ed88c555ab171223321ba3e
-
SHA512
44b4c243bc6e07495ad4929ea5e9abebd17393d4d2f84d9525ab8df9c5f69418bb917b2aa6581bdeddab5e4af194436fbb0eb6a59d0de446bbe43a76ae5c3de4
-
SSDEEP
98304:GgDl7C18IJXKLUbdgPNBnBt+O2dvdK0UaP+1:GgDlu18IJXZbd67BYO2dEaY
Static task
static1
Behavioral task
behavioral1
Sample
vanta_cheats.exe
Resource
win7-20240215-en
Malware Config
Extracted
quasar
1.4.1
CC
shipping-this.gl.at.ply.gg:65482
be7c8be5-1c90-4041-93b3-9ed6c07a5447
-
encryption_key
8EC72619299BC687C66FCFA592B13A27DAF9DC23
-
install_name
Vanta_slotted.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Edge
-
subdirectory
SubDir
Targets
-
-
Target
vanta_cheats.exe
-
Quasar payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-