General

  • Target

    Client-built.exe

  • Size

    3.1MB

  • MD5

    915258a7e777c925ed09d9fc68286416

  • SHA1

    e3891a00f8b4d8475e50257fc44fa56b2ccf1dde

  • SHA256

    2488443e21d0a985cd696e4dbc7c6d7d6b74ced12ab7019e1b78d6925f1c0bbe

  • SHA512

    a44aa6fd33a7eab88c6cf8815018ad0379fb879cb9ec732b6f29854594a0cbdf0876aeceff7bec59e05ef8267bce2df8ddf3f9e1e184d665133044030a73e30f

  • SSDEEP

    49152:vvzG42pda6D+/PjlLOlg6yQipVqxxNESE+k/i+LoGdt0THHB72eh2NT:vvK42pda6D+/PjlLOlZyQipVsxJgd

Score
10/10

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Virus

C2

Decievability-51624.portmap.host:51624

shodanbot.ddns.net:51624

Mutex

8868d68e-d249-4471-8f79-25cca5089c08

Attributes
  • encryption_key

    21D46989A42BE7A28C35A98B4E514E4E4638F38F

  • install_name

    Rust_Cheat.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    System

  • subdirectory

    SubDir

Signatures

  • Quasar family
  • Quasar payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Client-built.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

