General

  • Target

    RegEdit.exe

  • Size

    3.1MB

  • MD5

    bfacb0c11a720d61c03412d7f68fb8df

  • SHA1

    06c5304b3d6d75734ae3f8f30c9486dd855f0335

  • SHA256

    e8156e44befb5335f9c18acdd0d428c3a8fa316546a71fbbbd2c64c08f697a3e

  • SHA512

    89a8dcf157e7b390f946925273d34c3f6bf2cdef62e2908f96ceb64e4dbd12d5cb353c7b0e2a37ff59187dd33d3c95ab640295c433ff8e4df760baca3a127cda

  • SSDEEP

    49152:uvHI22SsaNYfdPBldt698dBcjHqEFlymzknoGd9UTHHB72eh2NT:uvo22SsaNYfdPBldt6+dBcjHqEFlE

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

dumby bo got ratted LOLOL

C2

p-surplus.gl.at.ply.gg:7938

Mutex

6f229673-e6d0-41b5-a1e4-1cbc29eeffd8

Attributes
  • encryption_key

    84EEFDB37698E582E7732B4568EC490426D1D6DF

  • install_name

    d1aler.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Java updater

  • subdirectory

    SubDir
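
The extracted configuration above is what an analyst turns into host and network indicators. As an added example (not part of this sandbox report), the Python below reads a copy of the config block as it appears on this page, derives the indicators a responder would look for (Run-key value name, mutex, dropped file path, C2 endpoint), and runs them over a constructed set of host observations. The install path assumes Quasar's user-level install location under %APPDATA%, which the report does not state; the per-host artefact lists are constructed for the example. One caveat worth keeping in mind: the C2 hostname is under ply.gg, the playit.gg tunnelling service, so resolving it yields the tunnel provider's edge rather than the operator's own machine.

```python
from typing import Dict, List, Tuple

# Constructed copy of the "Extracted" config block from this report, in the
# same alternating key/value layout the report uses.
REPORT_CONFIG = """\
Family
quasar
Version
1.4.1
Botnet
dumby bo got ratted LOLOL
C2
p-surplus.gl.at.ply.gg:7938
Mutex
6f229673-e6d0-41b5-a1e4-1cbc29eeffd8
Attributes
encryption_key
84EEFDB37698E582E7732B4568EC490426D1D6DF
install_name
d1aler.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Java updater
subdirectory
SubDir
"""


def parse_config(text: str) -> Dict[str, str]:
    """Parse the report's alternating key/value lines into a flat dict.

    The bare "Attributes" line is a section label, not a key, so it is skipped.
    """
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    cfg: Dict[str, str] = {}
    i = 0
    while i < len(lines):
        if lines[i] == "Attributes":
            i += 1
            continue
        if i + 1 >= len(lines):
            raise ValueError(f"key without value: {lines[i]!r}")
        cfg[lines[i].lower()] = lines[i + 1]
        i += 2
    return cfg


def host_iocs(cfg: Dict[str, str]) -> Dict[str, object]:
    """Derive the indicators a responder would hunt for from the config.

    Assumption (not on the page): the client installs under %APPDATA%, so the
    dropped binary is %APPDATA%\\<subdirectory>\\<install_name>.
    """
    host, port = cfg["c2"].rsplit(":", 1)
    return {
        "c2_host": host,
        "c2_port": int(port),
        "mutex": cfg["mutex"],
        "run_value_name": cfg["startup_key"],          # HKCU\...\Run value name
        "install_path": "\\".join(["%APPDATA%", cfg["subdirectory"], cfg["install_name"]]),
        "reconnect_delay_ms": int(cfg["reconnect_delay"]),
    }


def match_host(iocs: Dict[str, object], run_values: List[str], mutexes: List[str],
               connections: List[Tuple[str, int]]) -> List[str]:
    """Return a list of which indicators were observed on a host."""
    hits: List[str] = []
    if iocs["run_value_name"] in run_values:
        hits.append(f"run-key value {iocs['run_value_name']!r}")
    if iocs["mutex"] in mutexes:
        hits.append(f"mutex {iocs['mutex']}")
    for host, port in connections:
        if host == iocs["c2_host"] and port == iocs["c2_port"]:
            hits.append(f"connection to {host}:{port}")
    return hits


# Constructed host observations for the example: one clean entry per list
# plus the artefacts this sample's config would leave behind.
SAMPLE_RUN_VALUES = ["OneDrive", "Java updater"]
SAMPLE_MUTEXES = ["Global\\Chrome.Session", "6f229673-e6d0-41b5-a1e4-1cbc29eeffd8"]
SAMPLE_CONNECTIONS = [("update.microsoft.com", 443), ("p-surplus.gl.at.ply.gg", 7938)]


def scan_sample() -> List[str]:
    """Run the report's indicators over the constructed observations."""
    iocs = host_iocs(parse_config(REPORT_CONFIG))
    return match_host(iocs, SAMPLE_RUN_VALUES, SAMPLE_MUTEXES, SAMPLE_CONNECTIONS)


if __name__ == "__main__":
    for hit in scan_sample():
        print("HIT:", hit)
```

The Run-key value name is the most reliable of these on a live host: a mutex disappears when the process exits and the C2 hostname can be rotated, but "Java updater" under the Run key stays until cleaned up.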

Signatures

  • Quasar family
  • Quasar payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
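
The "Unsigned PE" signature fires when the PE carries no Authenticode certificate table. As an added example (not the sandbox's own detection code), the Python below performs that check directly on the raw bytes: it walks the DOS header to the PE header, finds data directory entry 4 (IMAGE_DIRECTORY_ENTRY_SECURITY, whose first field is a file offset rather than an RVA) and reports whether it points at a non-empty WIN_CERTIFICATE table. The minimal PE32 images it is tested against are constructed for the example. Note the limit of the check: a present certificate table only means the file carries a signature; whether that signature is valid and chains to a trusted root needs a real verifier such as signtool or osslsigncode.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # index of the Authenticode certificate table


def security_directory(pe: bytes):
    """Return (file_offset, size) of the certificate table, or None when the
    entry is empty. Raises ValueError if the input is not a parseable PE."""
    try:
        if pe[:2] != b"MZ":
            raise ValueError("missing MZ header")
        e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
        if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            raise ValueError("missing PE signature")
        opt = e_lfanew + 4 + 20                   # optional header follows the COFF header
        magic = struct.unpack_from("<H", pe, opt)[0]
        if magic == 0x10B:                        # PE32
            n_dirs_off, dirs_off = opt + 92, opt + 96
        elif magic == 0x20B:                      # PE32+
            n_dirs_off, dirs_off = opt + 108, opt + 112
        else:
            raise ValueError(f"unknown optional header magic {magic:#x}")
        n_dirs = struct.unpack_from("<I", pe, n_dirs_off)[0]
        if n_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY:
            return None
        entry = dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
        off, size = struct.unpack_from("<II", pe, entry)
    except struct.error as exc:
        raise ValueError("truncated PE header") from exc
    # The security entry holds a raw file offset; an out-of-file table is as
    # good as absent.
    if off == 0 or size == 0 or off + size > len(pe):
        return None
    return off, size


def is_unsigned_pe(pe: bytes) -> bool:
    """True for a valid PE that carries no Authenticode certificate table."""
    return security_directory(pe) is None


def build_minimal_pe32(cert_blob: bytes = b"") -> bytes:
    """Constructed test input: a header-only PE32 image (no sections). When a
    cert_blob is given it is appended and data directory 4 points at it."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)       # e_lfanew: PE header right after DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)  # i386, 224-byte optional header
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)          # PE32 magic
    struct.pack_into("<I", opt, 92, 16)            # NumberOfRvaAndSizes
    header_len = 0x40 + 4 + 20 + 224
    if cert_blob:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         header_len, len(cert_blob))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + cert_blob


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, "unsigned" if is_unsigned_pe(fh.read()) else "has certificate table")
```

Run it over a directory of samples to reproduce the sandbox's signature; for anything that does carry a certificate table, hand the file to a proper verifier before treating the signature as meaningful.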

Files

  • RegEdit.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
