General

  • Target

    Virus4.exe

  • Size

    348KB

  • MD5

    6c4612f6b207a0eb617b398da7b7f59d

  • SHA1

    34619dc1f2d62f62860d101652a0e150cd4bf817

  • SHA256

    f6b0fc6a5f4a112d39fcd842b40ed94d1b5ce5497740a203d387f8b8671e6197

  • SHA512

    5c8d3c5311f94732bda158ff10c7c6e88581972cd7271a548c6db1db90fed4fc531c9fcc57b9910b0ac863db305b9d455916da710b5b97181b604bce70685bc7

  • SSDEEP

    6144:t16bPXhLApfp/eJ3NP9rVD6ykbgD/IuU8dIVlF7rPa:fmhApkJJ9rVDNjTIuUGIx7rPa

Score
10/10

Malware Config

Extracted

Family

quasar

Version

1.3.0.0

Botnet

hackeado papu

C2

dbxs31c.localto.net:3491

Mutex

QSR_MUTEX_Da9VX0BUJqFSTadPhi

Attributes
  • encryption_key

    I8mNHC6UK41sX6rFwFmk

  • install_name

    Windows.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Windows

  • subdirectory

    SubDir

Signatures

  • Quasar family
  • Quasar payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Virus4.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

