General

  • Target

    a0ec7e778c3692c7dfbbd67783cad77a.bin

  • Size

    9.4MB

  • Sample

    240821-bzl6tatdrh

  • MD5

    d59d8a595c153b160586526efbd28035

  • SHA1

    73478d6c547ed5f7ae875014d5fead169cd9fac9

  • SHA256

    f1360c339823b9b3e5888e7a0a5427f775b078cff2231fd89b74b9b6b8fd1611

  • SHA512

    bd6711c92f57b18ea4333189b925ac6abfd960747eedfb6ad8593d8b473af0c59e01becb3acb9fc1992c84d60ff5d1dfb99fdf4e21929b708dfc8410a6a5ebbf

  • SSDEEP

    196608:fILaphYz2prdqdTJILhDZzv1axU9IlAETVs5ZAv3hpt17DZGvv:w+ph6qRAJMDxwxUmGET+zAvxpt17DZG3

Targets

    • Target

      xxwewe33/BouncyCastle.Crypto.dll

    • Size

      2.5MB

    • MD5

      f0b3e112ce4807a28e2b5d66a840ed7f

    • SHA1

      54a6743781fd4ceb720331fce92f16186931192d

    • SHA256

      333903c7d22a27098e45fc64b77a264aa220605cfbd3e329c200d7e4b42c881c

    • SHA512

      dc8ec9754c5e86f7e54e75ff3e5859c1b057f90e9c41788037b944a5db2cb3b70060763d0efcbe55ec595bcc47a9c0ff847a4876821470ca1659c31afd5b0190

    • SSDEEP

      49152:OSSJ+G1PjodumkjD6Oc0mqHZwueCtbu9kQN:6xodumo6Lr

    Score
    1/10
    • Target

      xxwewe33/EIUWI383IE.exe

    • Size

      639KB

    • MD5

      c00caf990793d69120a0abc4bf0e3210

    • SHA1

      f5556f65bdbc1dd62286d353312646215a14f079

    • SHA256

      04c777837d0d418e78fddbbb35587b205e1a424adda5a552363e2164cf2df686

    • SHA512

      a93365fc0ecf746c074d08fd784c6af7556d06e2646b2b167b67d03554e8dcc37f67804562fcdb4a09a2e117db3f893e4cc192280145531354cea7605e834e14

    • SSDEEP

      6144:T2aV3QDwJdsnu08zrJU/3AsBzDxm4GBohCv3ER0u+GIIIIIIIhIIIIIIIIIIIIIK:T2aJQDw/snpCu3j+4GBocsm5Q05

    Score
    10/10
    • Quasar RAT

      Quasar is an open source Remote Access Tool.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      xxwewe33/SQLite.Interop.dll

    • Size

      1.7MB

    • MD5

      65ccd6ecb99899083d43f7c24eb8f869

    • SHA1

      27037a9470cc5ed177c0b6688495f3a51996a023

    • SHA256

      aba67c7e6c01856838b8bc6b0ba95e864e1fdcb3750aa7cdc1bc73511cea6fe4

    • SHA512

      533900861fe36cf78b614d6a7ce741ff1172b41cbd5644b4a9542e6ca42702e6fbfb12f0fbaae8f5992320870a15e90b4f7bf180705fc9839db433413860be6d

    • SSDEEP

      49152:c9EeNSPwEW3cFSI4Tfm3hvbHsjAJcAMkP3:c9Nzm31PMo3

    Score
    1/10
    • Target

      xxwewe33/System.Buffers.dll

    • Size

      20KB

    • MD5

      ecdfe8ede869d2ccc6bf99981ea96400

    • SHA1

      2f410a0396bc148ed533ad49b6415fb58dd4d641

    • SHA256

      accccfbe45d9f08ffeed9916e37b33e98c65be012cfff6e7fa7b67210ce1fefb

    • SHA512

      5fc7fee5c25cb2eee19737068968e00a00961c257271b420f594e5a0da0559502d04ee6ba2d8d2aad77f3769622f6743a5ee8dae23f8f993f33fb09ed8db2741

    • SSDEEP

      384:/rMdp9yXOfPfAxR5zwWvYW8a2cyHRN7vCvlbLg:/rMcXP6N6e

    Score
    1/10
    • Target

      xxwewe33/System.Data.SQLite.dll

    • Size

      421KB

    • MD5

      edd007cf3fcb18ccef985f58004b1aee

    • SHA1

      c3a697e0552ab600132f8fd4635f78517d4cb4e4

    • SHA256

      9b0581b003161d1605405ab4ae2a31e03bf3287673c148f4a1d90253aaad2c30

    • SHA512

      f848b4c4ba2f95ab9e8f90b5de8d169013b6c0ed7465c24f378c3df44d5bcc52e44c15e05973392e4d53c5b53007c8122ce4fd632d0ac203040fed10abb0b75f

    • SSDEEP

      12288:35douWvsWkOfjL/MEd6/7vfA8SCW1nFNFfcaFeFOFwcGF6cmFWc0FWc8cIcKcUFX:3pjblhW13

    Score
    1/10
    • Target

      xxwewe33/System.Memory.dll

    • Size

      138KB

    • MD5

      f09441a1ee47fb3e6571a3a448e05baf

    • SHA1

      3c5c5df5f8f8db3f0a35c5ed8d357313a54e3cde

    • SHA256

      bf3fb84664f4097f1a8a9bc71a51dcf8cf1a905d4080a4d290da1730866e856f

    • SHA512

      0199ae0633bccfeaefbb5aed20832a4379c7ad73461d41a9da3d6dc044093cc319670e67c4efbf830308cbd9a48fb40d4a6c7e472dcc42eb745c6ba813e8e7c6

    • SSDEEP

      3072:nUGrszKKLB8a9DvrJeeesIf3amN32AW/rcyw/s:OB8l3/aK32qU

    Score
    1/10
    • Target

      xxwewe33/System.Numerics.Vectors.dll

    • Size

      113KB

    • MD5

      aaa2cbf14e06e9d3586d8a4ed455db33

    • SHA1

      3d216458740ad5cb05bc5f7c3491cde44a1e5df0

    • SHA256

      1d3ef8698281e7cf7371d1554afef5872b39f96c26da772210a33da041ba1183

    • SHA512

      0b14a039ca67982794a2bb69974ef04a7fbee3686d7364f8f4db70ea6259d29640cbb83d5b544d92fa1d3676c7619cd580ff45671a2bb4753ed8b383597c6da8

    • SSDEEP

      1536:nPOw0SUUKw+GbgjMV+fCY1UiiGZ6qetMXIAMZ2zstK/hV+sUwS:nWw0SUUKBM8aOUiiGw7qa9tK/bJS

    Score
    1/10
    • Target

      xxwewe33/System.Runtime.CompilerServices.Unsafe.dll

    • Size

      17KB

    • MD5

      c610e828b54001574d86dd2ed730e392

    • SHA1

      180a7baafbc820a838bbaca434032d9d33cceebe

    • SHA256

      37768488e8ef45729bc7d9a2677633c6450042975bb96516e186da6cb9cd0dcf

    • SHA512

      441610d2b9f841d25494d7c82222d07e1d443b0da07f0cf735c25ec82f6cce99a3f3236872aec38cc4df779e615d22469666066ccefed7fe75982eefada46396

    • SSDEEP

      384:EybU8ndrbbT9NWB2WL/uPHRN7bhlsQVryo:Ey5ndvWbMPVryo

    Score
    1/10
    • Target

      xxwewe33/System.Text.Json.dll

    • Size

      628KB

    • MD5

      1e910c502fd2fbca1e30e403c377cc93

    • SHA1

      7edb982b56e225639a6fd9ec3366a7eae8304fdd

    • SHA256

      f581f390c784fb3e67024ab96a26a67cd057645005ec46f84a0ba8aa4f89e92d

    • SHA512

      167237648cdea96798044a424c5b09d239bda4dd3e021d3456067c25ef2f9852cbc638aca6dd3395b542e37dc36ed3b0308044e62736a7f9afc0bbebbcb80f4a

    • SSDEEP

      6144:qMj44zRv2mgUPax4uNyi4mUfimb7MVM8iHtoqurICVLeV+kctox6et9TMxp7Bejm:XjgmexgzgePYmTRJhK3aSVtS1RBuj

    Score
    1/10
    • Target

      xxwewe33/api-ms-win-core-console-l1-1-0.dll

    • Size

      11KB

    • MD5

      3c89c64d591ab2eaf01fbd2253b3a623

    • SHA1

      99b595ed628983c88eb09c484777eea666f631b9

    • SHA256

      0dd2878a9aad0d1a64848db4a1b4e3851fd5bf049c4ba5b726d114ff45fd947a

    • SHA512

      bb370bd639c4b2d25c44d153a7de6dff7fcb8f8af644b6b37243fab1bff282d8d3f13770e6862cf0b348ff83e6d7f73b3aef61e575660debce5664ced50be715

    • SSDEEP

      192:WfAwWOhWrpT71ojDBQABJwqnajLQvTP+8jIrerl:WfVWOhWrSDBRJwlvQyUIrerl

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-datetime-l1-1-0.dll

    • Size

      11KB

    • MD5

      6dbcafa7fd0b183040b73e7e1d97674b

    • SHA1

      4a6f7d5ceca5dd225532d95b743fa7b7b724621d

    • SHA256

      289ea86da94de73f0f0de4812caf7eda170ee612c72a713b3036b2669813d15a

    • SHA512

      e7c4dbf91c27c2d1570529e33c47e0e2b77c636a22f32f2956c9a59b5acae8b2721ea5802d85bbd179c7931d1542ca20b526487297be729698027ffd97d4ac44

    • SSDEEP

      192:FWOhWOUT71ojDBQABJwY1UqnajMHxxBNT06YeO7BN:FWOhW+DBRJwHlI66YeO9N

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-debug-l1-1-0.dll

    • Size

      11KB

    • MD5

      d9e02887a85903ee3a4fa7f197865274

    • SHA1

      f68904fef682461068ea782f1ed911b124793732

    • SHA256

      9487da37a92b40720ea2ad64ea0c9adc8b3c7bc4fe1f63a0e03e9c7a18943565

    • SHA512

      43fbb849a9a6e41e3b20813ebbe29e9fc233f6c1a7c00f8798f15f5c896bca7f6906a9a65fbc5569b3d5f901d70ab9a6132f8a9f71193f2d7f5559a607d5cf84

    • SSDEEP

      192:4WOhWqT71ojDBQABJTwvveqnajsl/cqtm4t:4WOhWrDBRJTw3elPqr

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-errorhandling-l1-1-0.dll

    • Size

      11KB

    • MD5

      fcc2e13d7db99b2f3725046ca7d392d0

    • SHA1

      14d31bc9070a47cc58342aedd17b4ead672da6ea

    • SHA256

      9cc0615a94b0a320f4b675eccbc3f7b8c279d9f692165afc6ce0c877f3981b08

    • SHA512

      bd9c7f3d97413f14abfe75cd2c5cfcb5aa39de05c8f69a2f6bfac554fdcf0eb0e41a32c34a5e7fe78a2bee2ad9d4be2895a33f138f7f0cb9f02dd3725b1893bd

    • SSDEEP

      192:GyfmxD3TWOhW0T71ojDBQABJ2ZqnajxcRGlPHSm:GyfYWOhWZDBRJ2Zll7PHSm

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-file-l1-1-0.dll

    • Size

      14KB

    • MD5

      d613baa29afa3db1faa991876dd382f1

    • SHA1

      795ad1269848846294563480750c91abf6bf33af

    • SHA256

      4b2dc152f33cd7d88beba8696a57cd0383f05c50d2fb63672664717766762a1d

    • SHA512

      a7113a430d39a71af764ddddda81f37f280f795ae88f5ab829523b278f82c1487401316c24700be4451a162567c282bcf08390a583ccd18b1baf96cd86ab54b3

    • SSDEEP

      192:zYPvVX8rFTsBWOhWwT71ojDBQABJ9t6qnaj9RlSIFspC:EPvVXbWOhW1DBRJ9t6lBRAIFsI

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-file-l1-2-0.dll

    • Size

      11KB

    • MD5

      00d8b4bed48a1bb8a0451b967a902977

    • SHA1

      f10ef17bda66d7cab2840d7f89c6de022a7b3ff2

    • SHA256

      568d7f8551d8b4199db3359d5145bc4cb01d6d2f1347547f47967eb06a45c3b5

    • SHA512

      e248cbc06fc610f315d7efcadb39b5cb85dfe5d40858768d5aea8d41b3b4b23eafe0db2b38cce362fd8ba8bc5eb26e9b2dddc00e2e8615395bca818ecfe0decc

    • SSDEEP

      192:HWOhW7T71ojDBQABJ76qnajMHxxBNT06YeOg:HWOhWIDBRJulI66YeOg

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-file-l2-1-0.dll

    • Size

      11KB

    • MD5

      534483b0f4a1924b1ae6d7e66b4a4926

    • SHA1

      4e954316acd216007f4a0225b138e0c0a04fbbed

    • SHA256

      c1bca1bb524c5ae3d877a099f469b6fc34288bab26ae7a7f4fc47cd869f4958d

    • SHA512

      cfad2ddf8a9ad67e36e978726d8a12ca26b180f73122b2e8d19a83f73028a050d9f418e7525f576cc3a9601b3369d4494dddbde620b4011b7ca8a7ec4b0d1b12

    • SSDEEP

      192:tWOhWzT71ojDBQABJUrkqnaj9RlSIFxKV:tWOhWwDBRJ4klBRAIFw

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-handle-l1-1-0.dll

    • Size

      11KB

    • MD5

      2bd9500ab908c0e02ca40f19ef647288

    • SHA1

      de8cd89fba64fa131fa842619b10d7d2d8a681d1

    • SHA256

      85546a616d5594b884146aa4e13cdbfe841c9d956e648c6ee4840e6f4428bdcd

    • SHA512

      1a3c5e306b6bedc87c250f8cb1b82e2c736a2c0a8e37c67e287914ff49da88af21722effad8cc4918d06b303989b09b35eb5d545a590be9fa8cdbf9028ef75a4

    • SSDEEP

      192:bWOhWxT71ojDBQABJNf+Q2qnaj9RlSIFr:bWOhWqDBRJN2blBRAIFr

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-heap-l1-1-0.dll

    • Size

      11KB

    • MD5

      2bdca93251d247e98e0a907bf68ffc7b

    • SHA1

      84bc13dda79a309b2fb06499eba090359dbe7cbc

    • SHA256

      8434510e84f5ade3453cfe086ed08260d309f761ed922bb8ff9ed436d8575d82

    • SHA512

      e86ec2cf9e964921a912c1992a01ceb8eab36f5d29d444d1c9b0b9b2f3fc4a831e4fe034c7676e52c01150ba037ca6f46f7de669a9aac5eb8bae2b848e65e7c3

    • SSDEEP

      192:iS6lWWOhWDzT71ojDBQABJSWcqnajxcRGlPHi:OlWWOhWsDBRJ0ll7PHi

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-interlocked-l1-1-0.dll

    • Size

      11KB

    • MD5

      8a6c74b9a1db0d730af45be603d233c8

    • SHA1

      a6a3e80afeefcc9b34703c6a8ea2c0a94fe998e6

    • SHA256

      75b8eae29ab9acc906aafac2a198fe875d34c22b40acace1cd6c3486d67333ef

    • SHA512

      8f2e6be6a08e393acdb7e50687d6e6faefa9243855d92018bc9be5ffead022e4df96d2d51042a1e2d6d2eadcb88e27f7f4aea8a5314f8fb32c05cb9cededcd99

    • SSDEEP

      192:ClYsFqWOhW+T71ojDBQABJsgqnajLQvTP+8jIrS:ClYsFqWOhWvDBRJsglvQyUIrS

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-libraryloader-l1-1-0.dll

    • Size

      11KB

    • MD5

      a9116f560839df0c03be8ad704ab3351

    • SHA1

      3339421f8cb623b244dda6e76ec5b6c7d987af64

    • SHA256

      27078ba4e79087a5c1146f35da386ce043a3c2bbcaed04bd82645eddb6ed896d

    • SHA512

      4bded31406e6de3823a72162ba72968047c48f8373b660a431415811052be622fbf5b4d2123086601440e714dabd703ff0c36ed962590c23144a2e2b00b13ffb

    • SSDEEP

      192:BvuBL3B6WOhWryWT71ojDBQABJFvJCeqnajxcRGlPHZ:BvuBL3B6WOhWryXDBRJCell7PHZ

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-localization-l1-2-0.dll

    • Size

      13KB

    • MD5

      73483cbc229c62e129627adbf62b0ffe

    • SHA1

      074ce67665c86355d3218b5e3ea4b1b335095af8

    • SHA256

      13471eb84db95f8270398ef1deb29f0ea024db17e331497545c36eea7b2a3a7c

    • SHA512

      92f06cb8971e29da7607c6b1d1377f21c7e6f0e4a169aaa08326038d5cdb09422b91f4f2d26a7978521e0edbb9cf1235e583f2910048c917ccef8d12c5e1166a

    • SSDEEP

      384:5OMw3zdp3bwjGjue9/0jCRrndbZWOhWlDBRJIXlBRAIFn:5OMwBprwjGjue9/0jCRrndbvs1PIjRAW

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-memory-l1-1-0.dll

    • Size

      11KB

    • MD5

      d9e4e446dcccbfa822059dcd16edfc41

    • SHA1

      cded5e8dbf7a00e080432257f95406f5728e739a

    • SHA256

      d70eb06ed4f0c686dda93f35f065ec5e6249e5c737a24249738314c31f9d5202

    • SHA512

      11deace1b537fb770281468efb265d932a22b797ee268fb60d968f2f238cbbead6c60114572932732b1fd8d5682c1080e7e927a25f73ed2f5e85640b080a37a3

    • SSDEEP

      192:oWFWOhW0T71ojDBQABJxAY1hXqnajL1dHx3tKCJAC:DFWOhWZDBRJOY1NlXBtpOC

    Score
    3/10
    • Target

      xxwewe33/api-ms-win-core-namedpipe-l1-1-0.dll

    • Size

      11KB

    • MD5

      bb05cdffc71ac2b0c0fb2cc35b409ec2

    • SHA1

      b327ab67107235beb5fcd1b893a571e21e29f6ff

    • SHA256

      36c42192283f129ff5637a06b7c3d72e5ed8e1c77493623384f2bdac15118f29

    • SHA512

      b55cbf2aaa2f7685925c313d4ce73b8635666e5f2f30e2621fec88f3b526d296e5d1fb5c28bf3ea5e8621b298e01b75542085e9e3d1a966762173a3e53e4240d

    • SSDEEP

      192:iWWOhWYT71ojDBQABJz0ymVqnajLQvTP+8jIrf:1WOhWNDBRJzxmVlvQyUIrf

    Score
    3/10

Tasks

static1

pdf, link
Score
4/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

quasar, spyware, trojan
Score
10/10

behavioral4

quasar, spyware, trojan
Score
10/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
3/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

discovery
Score
3/10

behavioral32

discovery
Score
3/10