General
Target: Screenshot 2024-08-18 074538.png
Size: 438B
Sample: 240818-gf456syemg
MD5: defae0b69cc96fbad96a49f7d010f77c
SHA1: d5eb48683ecae119e315ec9961d101feb4c2b01e
SHA256: 7c91ea4def9a67df04384403beb0975231af0a9f607ec1b3acfa766409ef64d6
SHA512: 769ee53b9061330218c6e4d3cecb999da2052d0e294b4ccd1a82fb78dc22bef7a29a08141b663fc7e135292840934bfd5b707e81b72895a52360f15dd075e621
Static task: static1
Behavioral task: behavioral1
Sample: Screenshot 2024-08-18 074538.png
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: Screenshot 2024-08-18 074538.png
Resource: win10v2004-20240802-en
Malware Config
Extracted
quasar
1.4.1
napalm
napalmwtf-42785.portmap.host:42785
Drownzy-54034.portmap.host:54034
90d42f9c-2535-47cc-9947-9a1a89c43fc4
encryption_key: 19D2CF4A708769AB5B4B046C13865B4AB48B4C4D
install_name: EAC.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: EasyAntiCheat EOS
subdirectory: EasyAntiCheat
Targets
Quasar payload
Legitimate hosting services abused for malware hosting/C2