General

  • Target: 165faf1b9f14c55db3ef6976d6610b00N.exe
  • Size: 3.1MB
  • MD5: 165faf1b9f14c55db3ef6976d6610b00
  • SHA1: a30707bddeedd4d194ac5abc75d2c6cf200b4dcb
  • SHA256: 3d021f5c1900ae388e053003f914dc40a240493a7d14e6dedf9aa917ba3e49e0
  • SHA512: 4d4f4ec9e78c731188c04b54f6fca5f0c4c44a8593a00054da5c846c40ac843ceb40ec64ebc579f11710dedf2990bc2bf37882c7a3e138aa415113b54d385c33
  • SSDEEP: 49152:Jvkt62XlaSFNWPjljiFa2RoUYI6JvGEEs1kCqMLoPd83YTHHB72eh2NT:Jv462XlaSFNWPjljiFXRoUYI6JvoS

Score: 10/10

Malware Config

Extracted

  • Family: quasar
  • Version: 1.4.1
  • Botnet: news
  • C2: 91.92.242.187:1339
  • Mutex: b145d6e2-b53f-4339-a58e-40baf32fd2c6

Attributes

  • encryption_key: 6AE5FF20585EEC410DCB2BCA272F205210C865F7
  • install_name: SubDir.exe
  • log_directory: Logs
  • reconnect_delay: 3000
  • startup_key: System Update
  • subdirectory: SubDir

Signatures

  • Quasar family
  • Quasar payload (1 IoC)
  • Unsigned PE (1 IoC): checks for a missing Authenticode signature.

Files

  • 165faf1b9f14c55db3ef6976d6610b00N.exe
    .exe windows:4 windows x86 arch:x86
    f34d5f2d4577ed6d9ceec516c1f5a744