General

  • Target

    5b441845c2a6dd856d00a56b6dc812a13da0fee80a10e55ed7afd103914e6513.exe

  • Size

    414KB

  • MD5

    a6904914ceeccd8db0aa9c48e74a38de

  • SHA1

    511e05c074d020b2544361edd9228cb74ff3d3f9

  • SHA256

    5b441845c2a6dd856d00a56b6dc812a13da0fee80a10e55ed7afd103914e6513

  • SHA512

    1885e71cb75250e8b1e1f13c3c7a14406063ddc0a97672922dfce0fa9e7da3a6dfa05ebc61f14ad960a29c5b68ff1bbf36deb4debc3af8aa45765cc1f1e7798d

  • SSDEEP

    6144:rpNHXf500M01HGAeLs9hbIArtSOwO5mFu17:Fd50MHGAeUPrDpMFu17

Score

  • 10/10

Malware Config

Extracted

  • Family

    quasar

  • Version

    1.3.0.0

  • Botnet

    New

  • C2

    ipaf3.sytes.net:5353

    ipaf4.sytes.net:5353

  • Mutex

    QSR_MUTEX_IRT4UgcGhk975OVXdn

Attributes

  • encryption_key

    AWkTsOYsl9wIkH8LUfG4

  • install_name

    Driver.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Drivers

  • subdirectory

    Drivers

Signatures

  • Quasar family
  • Quasar payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5b441845c2a6dd856d00a56b6dc812a13da0fee80a10e55ed7afd103914e6513.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
