Resubmissions

  • 15/04/2024, 15:56

    240415-tdqk8aac92 (score 10)

  • 15/04/2024, 15:39

    240415-s3v2kacc21 (score 10)

General

  • Target

    Client-built.exe

  • Size

    3.1MB

  • MD5

    9f2c9c8f1e227bff7aaf17a8dfcc5e52

  • SHA1

    04d5d1ccdf36c64b6dbe4b3f0e144048065e3973

  • SHA256

    0f34b045728e701ec2a70ef07a38f00058c1679aa6e27b91be65ff9c01d0f6cd

  • SHA512

    7cf1a3b836c2ffc00273db9afacaa3f6094ab3c272c60ecec4aa8d3d12fc41e1d1175499a7d6a73a8702cae62097099324e79fa5f1d7e8caa1075a210aed4e14

  • SSDEEP

    49152:Gvct62XlaSFNWPjljiFa2RoUYIUKDKEdHek/aY1oGdKKTHHB72eh2NT:Gvg62XlaSFNWPjljiFXRoUYIUKDsi6

Score
10/10

Malware Config

Extracted

  • Family

    quasar

  • Version

    1.4.1

  • Botnet

    rat4

  • C2

    73.193.34.34:4782

  • Mutex

    02ed8f6e-b4ab-48d4-b95b-fbefab7e770d

Attributes
  • encryption_key

    FA3DB627DBE6CFA715A7E39339C9362BAE8F50CE

  • install_name

    JavaUpdater.exe

  • log_directory

    Logs

  • reconnect_delay

    1000

  • startup_key

    Java Updater

  • subdirectory

    SubDir

Signatures

  • Quasar family
  • Quasar payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Client-built.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
