Overview

overview

10

Static

static

10

System.exe

windows7-x64

10

System.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    System.exe

  • Size

    3.1MB

  • MD5

    e80f9a2d968a10ce2bbd655666befe8c

  • SHA1

    d56125da872bda98b592df56baf7fbfdeff94b6d

  • SHA256

    95f172a69bb9e7310bf636d76e310ec9603601e488473f2bdfe3c0e7dd2b9667

  • SHA512

    9bd6e745142143509f64c0239c9e535985c53d5e28ce4fb328f1e4b354c52f081c0545fe80549754a54857338e9b32ac2dfcab5379bca70f05907a55ae10d04c

  • SSDEEP

    49152:Bvuuf2NUaNmwzPWlvdaKM7ZxTwKKoZ2jmZv9oGuDFTHHB72eh2NT:BvJf2NUaNmwzPWlvdaB7ZxTwJoZ2I

Score
10/10
botnetquasar

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

botnet

C2

165.227.31.192:22069

193.161.193.99:64425

193.161.193.99:60470
Mutex

713051d4-4ad4-4ad0-b2ed-4ddd8fe2349d

Attributes
  • encryption_key

    684009117DF150EF232A2EE8AE172085964C1CF0

  • install_name

    System.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Office

  • subdirectory

    Winrar

Signatures

  • Quasar family
    quasar
  • Quasar payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • System.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections