General

  • Target

    55c5b0b62609618558f51c5f35380291a4337cae8b14e65dd5ce7b226e9e4096.exe

  • Size

    4.7MB

  • Sample

    241220-eykhdazjc1

  • MD5

    2884a477526c8308e9492845449e7e55

  • SHA1

    eee9ad47bffe627c71529e81bf9daaf95ee3df30

  • SHA256

    55c5b0b62609618558f51c5f35380291a4337cae8b14e65dd5ce7b226e9e4096

  • SHA512

    d4e3694af590f82a1464e403c05c4f7ed34dcd9a91b5b4930d72ae406625952f332b22f3a15aba4a2a412b1967ccb09a7383d2c4140752a1b296e9326f89b5f3

  • SSDEEP

    98304:nTPuv0E+GYYL6xaCOW01gjUYGpriBENypxqD4TIuCrRsr/mmubvhgLHbsdlR9fCp:TmcyhqatWTwrspxC4TIfir/mpbOsdlRK

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Viltrac

C2

51.15.17.193:4782

Mutex

d099b659-69af-41e2-9d7f-a5e64da5be06

Attributes
  • encryption_key

    97599F6E5D14A784CC4DD36B18A277119042FDA8

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir
