Overview

overview

10

Static

static

10

yappers tool.exe

windows10-ltsc 2021-x64

10

Resubmissions

10-11-2024 21:55

241110-1s8tnswfrf 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    yappers tool.exe

  • Size

    3.1MB

  • Sample

    241110-1s8tnswfrf

  • MD5

    a72b67c219d0c43ec8a220a9ca7fd36b

  • SHA1

    05b5814feb497bccb8db3f8f9ba33bc6127a4ddb

  • SHA256

    c22eff48dc0ba64148c0aae562a9378173f2eef0e34d28feecbdf92e2467aac8

  • SHA512

    4bb6260757d2de7ca15d2fbbcb478c43fc4a004e277371ff4cac99cfa7aefcc69735af009187078781c15aae4d3fccbba16e902b9ac1f55368985e581e4118ab

  • SSDEEP

    49152:fvXI22SsaNYfdPBldt698dBcjH0VxNESEik/irLoGdcwTHHB72eh2NT:fvY22SsaNYfdPBldt6+dBcjHKx93

Score
10/10
quasaroffice04spywaretrojan

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

192.168.56.1:4782

Mutex

4bf4c5ad-7f1a-4773-8654-6a2d2557369b

Attributes
  • encryption_key

    01F444C2483FD9B2FA2B0BBF0F8304FDBD2100F0

  • install_name

    GenisisLoader.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Windows Update

  • subdirectory

    SubDir

Targets

    • Target

      yappers tool.exe

    • Size

      3.1MB

    • MD5

      a72b67c219d0c43ec8a220a9ca7fd36b

    • SHA1

      05b5814feb497bccb8db3f8f9ba33bc6127a4ddb

    • SHA256

      c22eff48dc0ba64148c0aae562a9378173f2eef0e34d28feecbdf92e2467aac8

    • SHA512

      4bb6260757d2de7ca15d2fbbcb478c43fc4a004e277371ff4cac99cfa7aefcc69735af009187078781c15aae4d3fccbba16e902b9ac1f55368985e581e4118ab

    • SSDEEP

      49152:fvXI22SsaNYfdPBldt698dBcjH0VxNESEik/irLoGdcwTHHB72eh2NT:fvY22SsaNYfdPBldt6+dBcjHKx93

    Score
    10/10
    quasaroffice04spywaretrojan

    • Quasar RAT

      Quasar is an open source Remote Access Tool.

      trojanspywarequasar

    • Quasar family

      quasar

    • Quasar payload

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks