General
-
Target
hackkkk.exe
-
Size
3.1MB
-
MD5
3091cf902dac7ca3dc36e82ccc1afed9
-
SHA1
89abfa861d886474546f6fbbe929c8fc27c2eb0b
-
SHA256
61e978264b52d6a441ad8df9ff2036e9a18a08f53c448f8c38acdcddd670ccb7
-
SHA512
6fbe9732116598d736e969f178d32e11560c326e817b2b8bb439f949c4f82c05532e09e82915ce316efc4ba890b0d65858051f33a9301302ca070fb1a7573f8c
-
SSDEEP
49152:0vqfiu2ApaA/+GPwlU/rDgcfEU2RcRJ6gbR3LoGdN3IBTHHB72eh2NT:0voiu2ApaA/+GPwlU/rscfEU2RcRJ66
Score
10/10
Malware Config
Extracted
Family
quasar
Version
1.4.1
Botnet
me myself uz ims tupid
C2
77.111.246.31:4782
217.194.59.187:4782
Mutex
4aa02a07-72c4-47be-baae-7366b4a10658
Attributes
-
encryption_key
67623DBB05F51B94B5F289DD02599CE2AEDD733B
-
install_name
Idkwhattoput.exe
-
log_directory
Keyloggrer
-
reconnect_delay
3000
-
startup_key
google Chrome updater
-
subdirectory
3242ewfds3254tzethdgfdsadg65345wefg ethnz47i 5i676 5etq4whuzhgb f g676ztvdfgb6trdvg
Signatures
-
Quasar family
-
Quasar payload 1 IoCs
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
hackkkk.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections