General

  • Target

    02.exe

  • Size

    3.1MB

  • MD5

    3053a2a43ba2fbc6e3e3ecbecde806d1

  • SHA1

    6ae60c2879ebe69ac40d149ed5a608250d022dce

  • SHA256

    c1dd6ce8d69876282a88739c537d5a2369a19c4b6cf360af5983c12c9dc3f2d6

  • SHA512

    b9e90616bde8da38d055a510f18f41da9b3f4a64d1b59e4f27af889496edb86c1467273a721ceb6e1c65d9410db523755f5ba7422016bcada2335a8b6038044e

  • SSDEEP

    49152:zvbI22SsaNYfdPBldt698dBcjHsHxNESExk/iLLoGdNTHHB72eh2NT:zvk22SsaNYfdPBldt6+dBcjH0xQX

Score
10/10

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

10.109.9.184:4782

Mutex

1916cb83-b99a-4ecb-a054-4e009de2edc6

Attributes
  • encryption_key

    CE28057C20C1DED27F22AD4254F5C2C5464D46B3

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir

Signatures

  • Quasar family
  • Quasar payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 02.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


