Overview

overview

10

Static

static

1

Fps unlocker.7z

windows10-ltsc 2021-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Fps unlocker.7z

  • Size

    922KB

  • Sample

    241104-aa1ggaxlax

  • MD5

    9012d7fa174b6a7352ba9fd42db0dc20

  • SHA1

    ce1d6ed32b65e90bfe0f0438c45af71965124567

  • SHA256

    418bca7ff00a6c66b907d677b1c476962d0ae01fc1f69f235aa1394d7809750c

  • SHA512

    a3c48426411ee83cfdf5bf3501cfd1a9ec89b20efed7e69750fcb6bc66298713ed948d681a6f6f4fe219e55be7169c525be3122aa762601d930c037c402abafc

  • SSDEEP

    12288:3x6jffKMhw5vvvs7FAbIlAB5rdOOdSJ7n/jX/BxfK8m+nU2D4c5msVhLmoe:BC3XmvHs7FbABPdSJrT/BhKwPmsV9mJ

Score
10/10
quasaroffice04spywaretrojan

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

Inversin-43597.portmap.host:43597

Mutex

80329fd2-f063-4b06-9c7e-8dbc6278c2a3

Attributes
  • encryption_key

    744EA1A385FEBC6DA96387411B7000D77E66B075

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    java updater

  • subdirectory

    SubDir

Targets

    • Target

      Fps unlocker.7z

    • Size

      922KB

    • MD5

      9012d7fa174b6a7352ba9fd42db0dc20

    • SHA1

      ce1d6ed32b65e90bfe0f0438c45af71965124567

    • SHA256

      418bca7ff00a6c66b907d677b1c476962d0ae01fc1f69f235aa1394d7809750c

    • SHA512

      a3c48426411ee83cfdf5bf3501cfd1a9ec89b20efed7e69750fcb6bc66298713ed948d681a6f6f4fe219e55be7169c525be3122aa762601d930c037c402abafc

    • SSDEEP

      12288:3x6jffKMhw5vvvs7FAbIlAB5rdOOdSJ7n/jX/BxfK8m+nU2D4c5msVhLmoe:BC3XmvHs7FbABPdSJrT/BhKwPmsV9mJ

    Score
    10/10
    quasaroffice04spywaretrojan

    • Quasar RAT

      Quasar is an open source Remote Access Tool.

      trojanspywarequasar

    • Quasar family

      quasar

    • Quasar payload

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks