Overview

overview

10

Static

static

10

Apex-ghost...E).bat

windows7-x64

1

Apex-ghost...E).bat

windows10-1703-x64

1

Apex-ghost...E).bat

windows10-2004-x64

1

Apex-ghost...E).bat

windows11-21h2-x64

1

Resubmissions

18-06-2024 23:36

240618-3l3eesyhkb 10

18-06-2024 23:34

240618-3kmbtatcml 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Apex-ghostware-apex-hacks.zip

  • Size

    1.2MB

  • Sample

    240618-3kmbtatcml

  • MD5

    69502b41497a8b16bcf388228b75adb8

  • SHA1

    d9953fe774ddb6a31a5cf6e744a8988ce029db50

  • SHA256

    d301b1fa43c202b4bcb45eb25aa8664d2d8f99fa2be9c410cdbbf2b6b8e8bdba

  • SHA512

    c74dc0ce190ce7aa566aea95984cf7043d9140839d948f9b15073f63d30298b08363efe1d85504dd6a990bf9af7a2df61c4a898f2bfeee0937a1161e8bfed06a

  • SSDEEP

    24576:EcZxtAClBDc2rkW7ERjs37nl08X6JA6efqDnj4KDK7KCKx2vkl9TD3T9R:EcZEYlQnjs7l0jJA6efqDnj7L9ov+9xR

Score
10/10
quasarapexv1

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

ApexV1

C2

174.175.46.53:1048

Mutex

c8ba5d8f-6f83-4ae3-ae6c-d1a644d2c509

Attributes
  • encryption_key

    B0ABE169C55CFD4C2E8310DB36202EAF0E98D48D

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    1500

  • startup_key

    Windows Updater Service

  • subdirectory

    SubDir

Targets

    • Target

      Apex-ghostware-apex-hacks/Loader(OPENME).bat

    • Size

      1KB

    • MD5

      a1fe9e32a87b9d3f76da7e7bdb5474a7

    • SHA1

      091b20dfe88c0211406e8844346d8c187aea32aa

    • SHA256

      8942b7d45fd6a4e163280586cc50eb39612aad9880777c7f3945c347d79b30e2

    • SHA512

      f536b8cad043c210a7ac3da3eeb31afe2d7ce1c0f978a17726da5eb6c294b72d4ca169361f045edcc070189d8fac5cc16a152a7c756bb8dcc59cb19e570e3f23

    Score
    1/10
    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Matrix

Tasks