General

  • Target

    EnigmaSRC..Sln

  • Size

    3.3MB

  • MD5

    bf4ca8258fd2f4df510aa046bbf7b21c

  • SHA1

    79fe2a2cd3df7f83a44c33d2a061d588a8238c07

  • SHA256

    e5473833fb038cbdabc999603e62fb649050e727467e263e2ca90da92028a156

  • SHA512

    aa29baddc0854ab283b14ad2ef1de9bca806576dccfcce4d92675220f5f7f9c4c4a5c6f3f88b6316d765749c4845013ab674cbc1574e9e252d3e179dd0d48828

  • SSDEEP

    49152:tvjt62XlaSFNWPjljiFa2RoUYI8qR16AbR30oGdUTHHB72eh2NT:tvx62XlaSFNWPjljiFXRoUYI8qR161

Score
10/10

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Enigma.Sln

C2

C:\Users\nigger>:4782

(Not a resolvable host: the text before the colon appears to be a Windows command-prompt path pasted into the builder's host field, with 4782 being Quasar's default port. The client will keep retrying it every reconnect_delay milliseconds, so this sample yields no usable network indicator.)

Mutex

79e05c67-893c-4161-b8aa-df3a5e2de8c8

Attributes
  • encryption_key

    180D990AA3B58892A5FBAE1EDF8AAEDB00F4AF8E

  • install_name

    host.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Visual Studios

  • subdirectory

    SubDir
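
The encryption_key above is not a network key: in Quasar 1.4.x it is the password from which the client derives the keys that protect every setting listed in this section (hosts, mutex, install name, startup key, log directory), and it is what a config extractor has to reproduce to recover those values. As an added example that is not part of this report and not Quasar's own code, the Go program below reimplements that scheme with the standard library only: PBKDF2-HMAC-SHA1 over the encryption_key with a fixed salt and 50000 iterations yields a 32-byte AES-256 key followed by a 64-byte HMAC-SHA256 key, and each setting is stored as base64(mac || iv || AES-CBC/PKCS#7 ciphertext), with the MAC covering iv || ciphertext. The salt bytes are reproduced from memory of the public Aes256 class and should be checked against the source before use; the plaintext encrypted in main() is constructed from this report's mutex field, not ciphertext taken from the sample.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha1"
	"crypto/sha256"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
)

// Salt of Quasar 1.4's Aes256 class, from memory of the public source; verify it there before relying on the output.
var quasarSalt = []byte{
	0xBF, 0xEB, 0x1E, 0x56, 0xFB, 0xCD, 0x97, 0x3B, 0xB2, 0x19, 0x02, 0x24, 0x30, 0xA5, 0x78, 0x43,
	0x00, 0x3D, 0x56, 0x44, 0xD2, 0x1E, 0x62, 0xB9, 0xD4, 0xF1, 0x80, 0xE7, 0xE6, 0xC3, 0x39, 0x41,
}

// PBKDF2 rounds, AES-256 key, HMAC-SHA256 key, MAC tag and IV sizes the client uses.
const iterations, aesKeyLen, macKeyLen, macLen, ivLen = 50000, 32, 64, 32, 16

// pbkdf2SHA1 is PBKDF2-HMAC-SHA1 (RFC 8018), matching the .NET Rfc2898DeriveBytes the client calls.
func pbkdf2SHA1(password, salt []byte, iter, keyLen int) []byte {
	prf := hmac.New(sha1.New, password)
	var out []byte
	var idx [4]byte
	for i := uint32(1); len(out) < keyLen; i++ {
		prf.Reset()
		prf.Write(salt)
		binary.BigEndian.PutUint32(idx[:], i)
		prf.Write(idx[:])
		u := prf.Sum(nil)
		t := append([]byte(nil), u...)
		for n := 1; n < iter; n++ { // U_n = PRF(P, U_{n-1}); T_i = XOR of all U_n
			prf.Reset()
			prf.Write(u)
			u = prf.Sum(nil)
			for k := range t {
				t[k] ^= u[k]
			}
		}
		out = append(out, t...)
	}
	return out[:keyLen]
}

// deriveKeys maps the report's encryption_key to the AES and HMAC keys: 32 + 64 bytes from one PBKDF2 stream.
func deriveKeys(encryptionKey string) (aesKey, macKey []byte) {
	kb := pbkdf2SHA1([]byte(encryptionKey), quasarSalt, iterations, aesKeyLen+macKeyLen)
	return kb[:aesKeyLen], kb[aesKeyLen:]
}

// decryptSetting parses base64(HMAC-SHA256(iv||ct) || iv || ct), verifies the MAC first, then strips PKCS#7 padding.
func decryptSetting(aesKey, macKey []byte, b64 string) (string, error) {
	blob, err := base64.StdEncoding.DecodeString(b64)
	if err != nil || len(blob) < macLen+ivLen+aes.BlockSize || (len(blob)-macLen-ivLen)%aes.BlockSize != 0 {
		return "", errors.New("malformed or truncated blob")
	}
	mac := hmac.New(sha256.New, macKey)
	mac.Write(blob[macLen:])
	if !hmac.Equal(mac.Sum(nil), blob[:macLen]) {
		return "", errors.New("MAC mismatch: wrong encryption_key or corrupted setting")
	}
	block, _ := aes.NewCipher(aesKey) // 32-byte key, cannot fail
	pt := make([]byte, len(blob)-macLen-ivLen)
	cipher.NewCBCDecrypter(block, blob[macLen:macLen+ivLen]).CryptBlocks(pt, blob[macLen+ivLen:])
	n := int(pt[len(pt)-1])
	if n == 0 || n > aes.BlockSize || !bytes.Equal(pt[len(pt)-n:], bytes.Repeat([]byte{byte(n)}, n)) {
		return "", errors.New("bad PKCS#7 padding")
	}
	return string(pt[:len(pt)-n]), nil
}

// encryptSetting builds a blob in the same layout so the example can construct its own input offline.
func encryptSetting(aesKey, macKey []byte, plain string) (string, error) {
	iv := make([]byte, ivLen)
	if _, err := rand.Read(iv); err != nil {
		return "", err
	}
	block, _ := aes.NewCipher(aesKey)
	pad := aes.BlockSize - len(plain)%aes.BlockSize
	body := append(iv, append([]byte(plain), bytes.Repeat([]byte{byte(pad)}, pad)...)...)
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(body[ivLen:], body[ivLen:]) // encrypt in place
	mac := hmac.New(sha256.New, macKey)
	mac.Write(body)
	return base64.StdEncoding.EncodeToString(append(mac.Sum(nil), body...)), nil
}

func main() {
	aesKey, macKey := deriveKeys("180D990AA3B58892A5FBAE1EDF8AAEDB00F4AF8E") // encryption_key from this report
	blob, _ := encryptSetting(aesKey, macKey, "79e05c67-893c-4161-b8aa-df3a5e2de8c8") // constructed from the mutex field
	got, err := decryptSetting(aesKey, macKey, blob)
	fmt.Printf("recovered %q (err=%v)\n", got, err)
}
```

Against a real sample the base64 strings are read out of the client's Settings class (the static string fields the sandbox's extractor parses), and decryptSetting is applied with the encryption_key recovered alongside them; the MAC check is what tells you whether that key is the right one before any plaintext is interpreted.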

Signatures

  • Quasar family
  • Quasar payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • EnigmaSRC..Sln
    .exe windows:4 windows x86 arch:x86

    MD5: f34d5f2d4577ed6d9ceec516c1f5a744
