Analysis
max time kernel: 144s
max time network: 146s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 03-11-2024 14:31
Static task: static1
Behavioral task: behavioral1
Sample: 5d0cbef4443db02296dfb37c7a9bce838b4beae8f726e6d3f3a60e6dd4691a74.exe
Resource: win7-20240903-en
General
Target: 5d0cbef4443db02296dfb37c7a9bce838b4beae8f726e6d3f3a60e6dd4691a74.exe
Size: 774KB
MD5: e30f4b28319c4d5d490a36c80698c7c5
SHA1: 89199dbf12c0ca07992cedcd50ab366c04568fc5
SHA256: 5d0cbef4443db02296dfb37c7a9bce838b4beae8f726e6d3f3a60e6dd4691a74
SHA512: 3f2440155e22eb8c6ef359fe17755ffa270da6a6cec99ff31d23766390212895dc27e9aa55ee0b6b5720a96088dbd7be372a3ebf34fff4b756410c70fd52d353
SSDEEP: 12288:rKnhyuMP6/bbH+NzvZ9KSDdBrxqzdxD0XGfnyr7Ha2/Mg45omnFjkCC1htlJI8XO:8YP6XeRKShcDD0X6nqHa2A5DF8tnI8+
Malware Config
Extracted
quasar
1.3.0.0
VTROY
31.13.224.12:61512
31.13.224.13:61513
QSR_MUTEX_4Q2rJqiVyC7hohzbjx
encryption_key: 7Vp2dMCHrMjJthQ2Elyy
install_name: downloads.exe
log_directory: Logs
reconnect_delay: 5000
startup_key: cssrse.exe
subdirectory: downloadupdates