General
-
Target
vir.exe
-
Size
311.5MB
-
Sample
240524-1q2mkscd71
-
MD5
eb9490492b00c4f14cf133acf95edfe4
-
SHA1
1d903edafd1429d1554d5b4298496f96129e388b
-
SHA256
f0025dabe2f4c075dbe09bc534dbe94939d0ae6d45ee4450ec7943fa36fb09cc
-
SHA512
175f1da82762237282390a3dc1be3164c81b3416514b2bfd16eb1b51e50a9bbabce809baf5f68dad6720df73d5bbedc736999597063ebb9070396cb910d98b72
-
SSDEEP
6291456:Y2qVJw+odBeWFv1k4R4b0ewZkhT4ofHwJjvZDQPf2tLSkHldHVeVM:rr+WeSWgfecGT4RjvqP85TAK
Malware Config
Extracted
quasar
-
reconnect_delay
3000
Targets
-
-
Target
vir.exe
-
Size
311.5MB
-
MD5
eb9490492b00c4f14cf133acf95edfe4
-
SHA1
1d903edafd1429d1554d5b4298496f96129e388b
-
SHA256
f0025dabe2f4c075dbe09bc534dbe94939d0ae6d45ee4450ec7943fa36fb09cc
-
SHA512
175f1da82762237282390a3dc1be3164c81b3416514b2bfd16eb1b51e50a9bbabce809baf5f68dad6720df73d5bbedc736999597063ebb9070396cb910d98b72
-
SSDEEP
6291456:Y2qVJw+odBeWFv1k4R4b0ewZkhT4ofHwJjvZDQPf2tLSkHldHVeVM:rr+WeSWgfecGT4RjvqP85TAK
-
Detect Umbral payload
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-