quasar | adb9349916189a54ff66650eacd0db73ed931be39e4118f78d21d24b2b8932b4

Sharing

Copy URL

Twitter E-mail

General

Target

Quasar-master.7z
Size

36.1MB
Sample

240521-aa7wjsbg37
MD5

08bad57f597e378608c7a0751ad1bce2
SHA1

2d262a1594df00053f27d7f5da02f0ab7bd4c310
SHA256

adb9349916189a54ff66650eacd0db73ed931be39e4118f78d21d24b2b8932b4
SHA512

c02bbd1b857607635aed9b2f6f492e9cf6a3f0d65adacc9f3520a375dfd7db063abc43d1b04c55c474b69b62d8d944cfa83870329d531765fc75421376949d3d
SSDEEP

786432:GwR6ukkLaLNlOmYGn3AaOlOr7UGrvBPmp6M2Z5HmhJ8Cjmw9dXK2Ub4:GwR6kLaplOcOUrAevB4CHmr8amsdaBb4

Score

10^/10

quasar execution

Malware Config

Extracted

Family

quasar

Attributes

reconnect_delay
5000

Targets

- Target
  
  Quasar-master.7z
- Size
  
  36.1MB
- MD5
  
  08bad57f597e378608c7a0751ad1bce2
- SHA1
  
  2d262a1594df00053f27d7f5da02f0ab7bd4c310
- SHA256
  
  adb9349916189a54ff66650eacd0db73ed931be39e4118f78d21d24b2b8932b4
- SHA512
  
  c02bbd1b857607635aed9b2f6f492e9cf6a3f0d65adacc9f3520a375dfd7db063abc43d1b04c55c474b69b62d8d944cfa83870329d531765fc75421376949d3d
- SSDEEP
  
  786432:GwR6ukkLaLNlOmYGn3AaOlOr7UGrvBPmp6M2Z5HmhJ8Cjmw9dXK2Ub4:GwR6kLaplOcOUrAevB4CHmr8amsdaBb4
Score

3^/10
behavioral1
- Target
  
  Quasar.Server/Forms/FrmStartupAdd.Designer.cs
- Size
  
  7KB
- MD5
  
  a4b906715a401c332b296e52a037c5ae
- SHA1
  
  9182f1190c1904e8b3df6d7ad9d8f3c75c4cf33f
- SHA256
  
  15666df4a9faa77716311680f582f055c7800b1ad06e5a0bed358b90f8ecaccb
- SHA512
  
  b4c46782fd15bea6a0f7958141162ce9bf25d40f3b264f91006def8fedb33c202adb6838d0806d7c66f43420fe142f7dd3016d2f92c82008bb6e53d839d9039e
- SSDEEP
  
  192:FwlZpGcziVTiMu6qqdHqHTauY6B+2IvfEIeNefIUX4WN4J/:FwD4czSTiMuDqdKzauY32QsBN0JIWN41
Score

3^/10
behavioral2
- Target
  
  Quasar.Server/Forms/FrmStartupAdd.cs
- Size
  
  2KB
- MD5
  
  628cdb06b9adab775a422b26af7dfca5
- SHA1
  
  c742589ccb504df664f26170d62c9fd338c9e9ea
- SHA256
  
  0d6721d2f41f3d5a7c3c1b7578270a0654d9a994034bf64be66af459da88da31
- SHA512
  
  cc6fbbabba1a4b144c753380b0519eed0022cb60dc0b8ccaa57eb4baab23144dd4334586252104605ccc1b831fa428978b969a70fa0035a3014689736315bb7c
Score

3^/10
behavioral3
- Target
  
  Quasar.Server/Forms/FrmStartupManager.Designer.cs
- Size
  
  6KB
- MD5
  
  74055a1d5cc2fa52f94c0a463e5e4f6e
- SHA1
  
  f310d9ea779319aac1a794b02ee3f5ade94a58ad
- SHA256
  
  67e0633e67bb139143488412e59424e132722c12a1ab1f2b9d8b59640e7821b5
- SHA512
  
  3bd1d231bbfc4ef04def32599eaa33ac7dc756197f110e2647bb74bcc49688e1220bf3790daa9bb011b02a14e8dcdb13c9a954f705c8110a9d09e2d2e1481b6c
- SSDEEP
  
  192:mwlZpGcziVIUUPLTC6oqzY1G7ZHBXgSXQhjN4G1K:mwD4czSIUUPLTC6oq84hXHgdN4G1K
Score

3^/10
behavioral4
- Target
  
  Quasar.Server/Forms/FrmSystemInformation.Designer.cs
- Size
  
  7KB
- MD5
  
  4e6498d02a371d129fcebbad5e1a648e
- SHA1
  
  9c61ac10b4732654fce43e614dfe12d72a2f2418
- SHA256
  
  ac7ed4bdcd4fea2b2f134f2aace4ad2ea43a4d318a9502fbb8573cb29a0c7e00
- SHA512
  
  193ff730fbdc913987eb04dd7198c6641584fe37cb910812848b820fb5df2b32709793a0363bf227fd2fbad41227aa37ad57fd89f8a234d925e3262109af7b91
- SSDEEP
  
  192:gKwlZpGcziVYdkY1G7ZHgsDNf6x/M4yU/w7H2imXQiN4G1rOtC2:5wD4czScn4AsDNCx/M4yU/w7H25giN45
Score

3^/10
behavioral5
- Target
  
  Quasar.Server/Forms/FrmTaskManager.Designer.cs
- Size
  
  9KB
- MD5
  
  775361b6c988f02c359ad6775d8e6a70
- SHA1
  
  d36419d40e63f030ee2b02f7390d3a3a27c77c5f
- SHA256
  
  dd57a7e73c6407b79f0a4559394cf6d86a9281a67516d0c477956309592f7dd0
- SHA512
  
  2aea9288b63080d41a463b20d90c3cd70b3135c5d8de3a802beb589ad7d5ce2892a180fab712d07f14b9e2aaeae83ef2502148d1104dee74552dadcbaf821c0a
- SSDEEP
  
  192:mwlZpGcziVePxLn1Hu+/w742G04ZAdF7oh3jMRXQd7N4G1uB:mwD4czSePxLn1Hb/w742G04ZArMRjMRj
Score

3^/10
behavioral6
- Target
  
  Quasar.Server/Forms/FrmTaskManager.cs
- Size
  
  5KB
- MD5
  
  c3f78494d0caf1023291e550bd9d8f44
- SHA1
  
  4b4280453192cb681ba47436439fb4aff134bb42
- SHA256
  
  cfa6776027b2f0fc0503166e7392da0ac413b55d7776c4511b4be33127e45c8f
- SHA512
  
  32a86b896240af8531379f717cc873b82c725bcac3f246329600aea27c77f0544172cf29007489b40df3113f37d66e42688ae6467796d003135aa508c9a49274
- SSDEEP
  
  96:Ej4Y2o2FVLqfbkyPvTIxokTU+aTfr+UTR2+cnzBHABQBG8Dce+XZIKMC9L:TQ2FVLqTkyPvEekTU+ajr+UTR6zB9G8E
Score

3^/10
behavioral7
- Target
  
  Quasar.Server/Helper/LogsViewUpdater.cs
- Size
  
  205B
- MD5
  
  9768abf5eb3780d7eb8d002ea5d5b94f
- SHA1
  
  b508bae5f96daec876e22b3c67264badfb679ecb
- SHA256
  
  619aff396e7a1f0bd7fcb9b6cea6291b7628741561cedc22ecc97d6bd43ffc0f
- SHA512
  
  ad8fed819a09f8c3b2edba12c2b67c10485e481b13d985e9620d2180a5ded929af562fbc83320c9a8fc47f7b88a0226aad4223620f8931b80d35ba92c8b9b658
Score

3^/10
behavioral8
- Target
  
  Quasar.Server/Helper/NativeMethodsHelper.cs
- Size
  
  1KB
- MD5
  
  adcea94dd37fcf179fbc616e8e841554
- SHA1
  
  7e6d4e2b6fe3b2f68775eca2edff3bd8c732f476
- SHA256
  
  e5ce29e2df42b558df24829a896592819950f4697357ccf3ccabd1e4000ab11f
- SHA512
  
  50ad9bb6791be283648aaa4d39b57125e82da159aa5b3158be82d14f558057925318eeedd056498307cc62cfeb076938920537055cddcea280690606b20077bf
Score

3^/10
behavioral9
- Target
  
  Quasar.Server/Helper/WindowHelper.cs
- Size
  
  530B
- MD5
  
  68881ec15ccd0aec3b022cc9bd0faa96
- SHA1
  
  ddd7d6202d5939dcb8af6e05a883cc454a610d01
- SHA256
  
  2e435cdbc15b2b6e11eb2d5f45c959f926f0a5e147d831c71a4bc5bc99a0eb25
- SHA512
  
  fa04b83558d5c117d813781eee746dca3411aca0a6b74f22578d5aa8821dbba9aaa05700ed04a872cc7b98572c3e23f040f28085bd77a3050a13c168b2815960
Score

3^/10
behavioral10
- Target
  
  Quasar.Server/obj/Debug/net452/Quasar.exe.withSupportedRuntime.config
- Size
  
  176B
- MD5
  
  c8cd50e8472b71736e6543f5176a0c12
- SHA1
  
  0bd6549820de5a07ac034777b3de60021121405e
- SHA256
  
  b44739eeff82db2b575a45b668893e2fe8fdd24a709cbf0554732fd3520b2190
- SHA512
  
  6e8f77fcca5968788cc9f73c9543ce9ab7b416372bc681093aa8a3aad43af1f06c56fcbc296c7897a3654b86a6f9d0e8b0fe036677cf290957924377bc177d9f
Score

1^/10
behavioral11
- Target
  
  Quasar.Server/obj/Debug/net452/Quasar.pdb
- Size
  
  145KB
- MD5
  
  3d7da9e6b9aa678439befd63b9f2ef4e
- SHA1
  
  1b080c41d4190d4dfff2b43332485576daae4416
- SHA256
  
  bd099a6107c0489442a947476013b416c6fc2ac8ad19ffb6938fc955fe35801e
- SHA512
  
  8e388ca38fddcbc0ce171b2ac81c2345c30438a544d10b06da3afd76ee54419fba92f14442f639c6e071df1bb5dd31e09c9b80a2a87e906dfd4473f83200ff5b
- SSDEEP
  
  1536:G2tMQ2DJlCoBnPP+tNK+gV7UuxajRDtdEQbKFXWznCvrlGcGDqF+lo+nw3uJpxsh:GXDvCopP+tNR1bj1n2F+GIxs5HkVM
Score

3^/10
behavioral12
- Target
  
  Quasar.Server/obj/Debug/net47/Quasar.Server.assets.cache
- Size
  
  4KB
- MD5
  
  d6a0123aae9d64cad23ef13c2979a7b4
- SHA1
  
  f0212aeb6efda31cff1840a984c5183291ff248b
- SHA256
  
  fb136e2b7be03ca95af67d0c3bb31c863408bdc6d9b8eb8c51b396958ca24a0c
- SHA512
  
  d28442d9d72e7d45b097858ea5405eaa382a30c4db52857d778f977b4f90b9ff9e61787e9742342a7bfee723046f11ac02ab36e599565e673ccf137047f17043
- SSDEEP
  
  48:2l0STHDRwoUXlArJiBEaJhC6HOYPU/rTZZ8krv4/peZxtAl4qJiBXddrZU+yGnwP:2pyG9Kt6nHIGwOAJf
Score

3^/10
behavioral13
- Target
  
  Quasar.Server/obj/Quasar.Server.csproj.nuget.dgspec.json
- Size
  
  4KB
- MD5
  
  9cd020a483c6f94d02683de6ebd7e98d
- SHA1
  
  80c27e67db83f1247d6e695054b036a0e4cd39c8
- SHA256
  
  0ddb886a05ce454f00efd706e8e1f5f606e36994f0da49e1bbd80194ea363d98
- SHA512
  
  e8ebb60bb99df1e749c5405f0f08ff851d4f0533968faf0ff8f0b5f8cda063ecabe4455319dc49ae558d061ab66df609b7af07645e743381a06aed3ea8fa7066
- SSDEEP
  
  96:1yhQfU4QNpam0FQfU4QboAKsLa7PfDMC2x0a/:YNpiboAKsLabfDMC2x0a
Score

3^/10
behavioral14
- Target
  
  Quasar.Server/obj/Quasar.Server.csproj.nuget.g.props
- Size
  
  1KB
- MD5
  
  0dea2b987a6fa6270c32cb7d64034070
- SHA1
  
  703fe1093da057ad32dc5d1c7f0055e150df5f51
- SHA256
  
  c13edcf1f765d243074b73a6b1361b62df2542ee3a4a2bcdee80dad4147c7bb6
- SHA512
  
  b4fcf6372ed98367795e592003994972daf874c8a4cf261737823f51633b055e0de35918c9130304de0b2ba52bb96e19448782b39bbb7738f10107461b34d310
Score

3^/10
behavioral15
- Target
  
  Quasar.Server/obj/Quasar.Server.csproj.nuget.g.targets
- Size
  
  294B
- MD5
  
  79ea88591534c135b634219b63cb5d3f
- SHA1
  
  dbd95fba73a25cb0d4764371fe78112638d6265d
- SHA256
  
  c61336980da1e7a3c1cf439b6bb83a7a4e907599bc7e7bc2cfffcd9278e6576c
- SHA512
  
  dccef85e4f8c21911f0a5c1cb6a54754e3be7ca4da50818342588faac3e02ba91d3aa95d3e8a73adbf9884b79f8f1973b7f4a009494e2988a418cf322eb59f12
Score

3^/10
behavioral16
- Target
  
  Quasar.Server/obj/Release/net452/Quasar.exe.withSupportedRuntime.config
- Size
  
  176B
- MD5
  
  c8cd50e8472b71736e6543f5176a0c12
- SHA1
  
  0bd6549820de5a07ac034777b3de60021121405e
- SHA256
  
  b44739eeff82db2b575a45b668893e2fe8fdd24a709cbf0554732fd3520b2190
- SHA512
  
  6e8f77fcca5968788cc9f73c9543ce9ab7b416372bc681093aa8a3aad43af1f06c56fcbc296c7897a3654b86a6f9d0e8b0fe036677cf290957924377bc177d9f
Score

1^/10
behavioral17
- Target
  
  Quasar.sln
- Size
  
  5KB
- MD5
  
  e9a85afe3bed3195a42405f27f5a89a5
- SHA1
  
  39f9163a09d0eb0341a5d4a98359dfae3bcb7b22
- SHA256
  
  3feca5d84a1e4dad4212991b05846667cfd9b87f60e0ee748f67dfdc7846893a
- SHA512
  
  c78b83ea6fd03e0e1019e287aa6cc5462ee8278c8a69905c0b9e22275a136b81f4125edf3cee1c1197dc0ecf5cbce4d12142708975d97407ed15e7aaf33ce7ba
- SSDEEP
  
  48:pP0gBndbYFEcD0e6i/B9QB/AE4izj24Nt7vzRi7oA9a38V+CzkJjThZNLQ4Cz+sp:pN5GEqNwAEA06oSoG4+2+ZtSJgP
Score

3^/10
behavioral18
- Target
  
  packages/DotNetZip.Reduced.1.9.1.8/DotNetZip.Reduced.1.9.1.8.nupkg
- Size
  
  139KB
- MD5
  
  6c698da7fa6b90020dc4e72d7d17f1f1
- SHA1
  
  fa7677051d83fb1fa8a63cea33ee10a947f66159
- SHA256
  
  77bb10d0294af756d9aeb8d4e66e77925e6212e5e1aa3718524318b4af4ced1c
- SHA512
  
  99ec07971b4de99bb98dd040ef3236ffe2fd0f8be2382d8f9dfa3b01a29fb243848877b60e6258246b2e3b3af73e5f176a781f67b1c92a5239fd381c40ace376
- SSDEEP
  
  3072:WGSeLbOutKdoaz071xLGTRRLbdu7D7v34sM/mQgA0wcA:WGSqyz07UBI7bOjbx
Score

3^/10
behavioral19
- Target
  
  packages/EntityFramework.6.4.4/EntityFramework.6.4.4.nupkg
- Size
  
  6.1MB
- MD5
  
  5be5ced0e429a8682923a3340932074c
- SHA1
  
  d58411c9c36c679a80c6cdff748fbe7efa2a0205
- SHA256
  
  0a603c6434f76660406f3210453d201fe2521b6ae875601f68f4b13ab9212ddc
- SHA512
  
  fb19b748675e145e18143d7fa5be46498b10a331a7b9bccc5988b34f8aa5d85547146cf1c054969b621166714f79cd0bfdec61ab0178bef95baa7c2c8d0db7b0
- SSDEEP
  
  196608:iKSAUymWcPrrbQwymRYbT0gw+r76T3n5sXT7CZCdM81zgtmKg:iKS7WcPrrrrRYbwgwMmT3ny7Pq81zqmp
Score

3^/10
behavioral20
- Target
  
  packages/EntityFramework.6.4.4/tools/EntityFramework6.PS2.psm1
- Size
  
  32KB
- MD5
  
  229a480f57dae34f3a668e0dc198c2ef
- SHA1
  
  f41a603b9c50def403577b61920f5cef0e6b9e6d
- SHA256
  
  44f95244dc84f32e40702de5c9385f8d7bd9cddf8d0d91227e08b242919fee2e
- SHA512
  
  22814a64114655a2660262ba92e1de55990719c6649de6e0d64aafe6cd2583920f5a1fed21dee0622a5cc5e48bf1cbadce68cd7e24617c237da3a4354dfbc07b
- SSDEEP
  
  768:fKVIIAC39jdofZEQ61CggJeZJGBr+G8iE2zDPZ1EjKfd4n:feIIACtjdofZ561CgkeZm+H52zDPHEGk
Score

3^/10

execution
behavioral21
- Target
  
  packages/EntityFramework.6.4.4/tools/EntityFramework6.psm1
- Size
  
  52KB
- MD5
  
  1b438830437efb77c496e75956df8146
- SHA1
  
  449c815597904f8f1ab44efb22f7f263c3c61b97
- SHA256
  
  686dfd4531cd22f4f6962081d96eb0bf505ec257f911c5c1b5dbdcba0e96bb45
- SHA512
  
  0e72238dfd785aeaa68d5b520e7d1c595a5c098b7a3b294e65564119c0a505665f9a650245bc519ab0c885617db7b6627cef0defbef7a803ae761e3396f468bf
- SSDEEP
  
  1536:eeIIvCajd7RfZ561IpgkeZ5L49E+HqszbuPCqgLe:eeI2bpgkeLL49E+HqszSPCqR
Score

3^/10

execution
behavioral22
- Target
  
  packages/EntityFramework.6.4.4/tools/init.ps1
- Size
  
  13KB
- MD5
  
  21f53a9982f46413744d0ef3b7c26e95
- SHA1
  
  a2cfbaf8925b7834bf4236545053c37f421ffa48
- SHA256
  
  3f92666a9cbb9c1e41d2fca366b99aca664fb4b62712c595abba49fc9474c9d4
- SHA512
  
  e0119254af201083e57943f272e5034c35105e608e5a65e537db13f992f3f3502d03a22f89268056d612c958712a78b6699f41d04957c5cdb5cbe192dc791698
- SSDEEP
  
  384:oiGWaEvBVHEufVRPHwD2S8DAppYUOCOejGQc3IRQqvaw7cOARrioXOTlV4bmERPt:oQBV1dRP42S8DAkXC/Gh3IRQqCwAOWiq
Score

3^/10

execution
behavioral23
- Target
  
  packages/EntityFramework.6.4.4/tools/install.ps1
- Size
  
  13KB
- MD5
  
  3a390f4fb1324332f4fbc4eebf174cce
- SHA1
  
  13c318be0408abb81ab649f3d293be6a12b548af
- SHA256
  
  e02f2aa7776dace851b3c15e5c70b168ca3eb3d61a06d3cb08c4141c17ce1b8e
- SHA512
  
  6c4d8c23c3e76b824c4a7475fe38c192572cdb4fc9011582b0d5e25176502bdcd804c359cde1bf040cb8304378ccf00f809277306a1e4342a2fac85afd6ccc78
- SSDEEP
  
  384:jSBk9t6/z+DS8pE68mF1+Au4wVO5Qa/Sh8Fqm/krhnh/JBzrR:eBr+G8pE6zeA5w0Caa+Fqm8rhnh/3zd
Score

3^/10

execution
behavioral24
- Target
  
  packages/EntityFramework.6.4.4/tools/net40/any/ef6.exe
- Size
  
  75KB
- MD5
  
  a6f787d3b37334afe22188dff6a30820
- SHA1
  
  e7e5d7dfeaca04eeab27b3882449a9a5340d9d36
- SHA256
  
  0bfb776ed5d03b6b3d36b4842d827a1b9ec280d41f2ec3af71c4e1c8923f1aff
- SHA512
  
  6b6eb2bdf60fe18d34c7ce85924b300506e9c6c4d7d5eaac66e83a7876b69337602921f649e94d17e3ffec7e985bf6c2c9eb8864e7144932fbcdc2a883cdff0a
- SSDEEP
  
  768:KIyHRUXxEnfORqv6q5q4EAjs6ZlrZbbsnVuS9qPKA5kJ4ri1CCQJaAsr8OJN:7cRIoPFEAj5lrZbSuSkC2n2WJaAs4OJN
Score

1^/10
behavioral25
- Target
  
  packages/EntityFramework.6.4.4/tools/net40/win-x86/ef6.exe
- Size
  
  75KB
- MD5
  
  ac9cc37bb6105ffe5f6234511d700201
- SHA1
  
  922bb85e6db74ae0e855502e4545be7af0bb6af7
- SHA256
  
  71f9f9554ac4353ed2dc4b21550e57c306749e3dfe6d208b71f76fbca32ac219
- SHA512
  
  e2a08e448979e6b89ae53e6a0f2e7b9b72f69fc76689488030fd0f5b795847eee7acd39b86ca4f43e75d621ebebedbdd0e06ab9bf627a5642adc01335db95fd8
- SSDEEP
  
  768:7ayHRUXxEnfORqv6q5q4EAjs6ZlrZbbsnVuS9qPKA5kJ4ei1CCQJavS810wg:WcRIoPFEAj5lrZbSuSkC2nzWJavPiwg
Score

1^/10
behavioral26
- Target
  
  packages/EntityFramework.6.4.4/tools/net45/win-x86/ef6.exe
- Size
  
  76KB
- MD5
  
  9eb807e9aba74a268d43425d637efde3
- SHA1
  
  353b6266516b065abe6f841898ce2e53927d3bb5
- SHA256
  
  79a02d8f082ce5ee0abba0675ef6f8ec73f7f5d9722bc5e9729a232b0238307d
- SHA512
  
  33b0b786f0115dd2cd483cf65a6b31be4e4863f3ffa66172cdb85df61b50b8367094e16e561ce002e164c7a51ba1d048c37e9b37aea810402b9374e727ebd475
- SSDEEP
  
  768:d3CeFGz5SvioHSNiNGyzNCzZo7jZiawnouS9qPKAtkJ4Co4ghCQJalocCS6:5j+5SakSNwhPPNuSkCEnR4IJaloS6
Score

1^/10
behavioral27
- Target
  
  packages/EntityFramework.6.4.4/tools/netcoreapp3.0/any/ef6.dll
- Size
  
  87KB
- MD5
  
  41d4334599845313e77329962a1d033c
- SHA1
  
  1adde2be8aa288463f7dbb757f8c0c3e4920c070
- SHA256
  
  1d8abd7a78652ee65a856840d8ae04f74be59e7102f23cc0c0f39dd174cdcbb0
- SHA512
  
  92a083b5707a1160e91e9b85e05e4344b1c3f068f19cfacdeca1180218b6a882d3b59cf01bd7ee2a62c312298c475c793164fc5c0a6cfda7fce9d5dae65e05aa
- SSDEEP
  
  1536:ZzkPyzX7L4M58omeJllllll8llMWu2rXvFoJz29+0HMqrJaAHu3WL:tmyz3koJOMqFpHL
Score

1^/10
behavioral28
- Target
  
  packages/Fody.6.7.0/netclassictask/FodyHelpers.dll
- Size
  
  50KB
- MD5
  
  12e942e94cb3912448c0831a61173693
- SHA1
  
  5ec310e2be98ee217d20f5dea3231dc19065f733
- SHA256
  
  bdac73f912c877a906ab42cf0c079b618c5c5e724a0b743589aa5a1bbe89d6eb
- SHA512
  
  ff4db46230b2eda2039a343979ce23ad401024537283ce4ed6c3c4af122aa7543155e2b7b7b5c42f5dd7fe3c48726a96740b11107bae89a81ae423b57adf92ec
- SSDEEP
  
  768:EEtNsELeNCf5X1S7CIcYd+OTrQnxKSG94ZwoQQOF:/xeNA5A7OQ+7n894dKF
Score

1^/10
behavioral29
- Target
  
  packages/Fody.6.7.0/netclassictask/Mono.Cecil.Pdb.dll
- Size
  
  87KB
- MD5
  
  d37cf77a6db95b677c6ee28f4042dcdc
- SHA1
  
  0d1d6d51d975ebda9887c38ec67d4f02641263aa
- SHA256
  
  d66ad0aa63447e774e689628973d89429f6225887da276c18fda8239f083a422
- SHA512
  
  9ff19fa44314b8f98366e4af1b77aa53f18e70b43acf2d6733cd088b22f435ef7f5bdcf48b7aa87fb2adb34332b42aaa9f1bc2aac6e43bbe5a383c6d2701bf76
- SSDEEP
  
  1536:RfCEVETXo3f+yAvaDvNaPS/vSC6GWALYKXgAJGsZABcbxvjCXeW:tuiQPwvH6TArVJGXB+xveXeW
Score

1^/10
behavioral30
- Target
  
  packages/Fody.6.7.0/netstandardtask/FodyHelpers.dll
- Size
  
  50KB
- MD5
  
  12e942e94cb3912448c0831a61173693
- SHA1
  
  5ec310e2be98ee217d20f5dea3231dc19065f733
- SHA256
  
  bdac73f912c877a906ab42cf0c079b618c5c5e724a0b743589aa5a1bbe89d6eb
- SHA512
  
  ff4db46230b2eda2039a343979ce23ad401024537283ce4ed6c3c4af122aa7543155e2b7b7b5c42f5dd7fe3c48726a96740b11107bae89a81ae423b57adf92ec
- SSDEEP
  
  768:EEtNsELeNCf5X1S7CIcYd+OTrQnxKSG94ZwoQQOF:/xeNA5A7OQ+7n894dKF
Score

1^/10
behavioral31
- Target
  
  packages/Fody.6.7.0/netstandardtask/Mono.Cecil.Pdb.dll
- Size
  
  87KB
- MD5
  
  3c9ceed3e9c520496ed90ca54eccccce
- SHA1
  
  5997092a10ea8e2f3f107f0249a8fda239140495
- SHA256
  
  749cb71888101d574fcb406e5a8d2cd04e2136aec92807ef4755e7a216d5b11e
- SHA512
  
  f4f915ff9685645205ccb0b853d22752419a7cdde603cb1a24ec33540127d9b0e87fc27961a8c055f96f11e5605c73b84b9f79822be7d88cbb1302b32e8ba4cd
- SSDEEP
  
  1536:9ffXkeOyX+6C5S6R7nQmALYKXNgJGsZavcLtvjCXe2:Do5S6R7npArWJGPvEtveXe2
Score

1^/10
behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32