General

  • Target

    hopefully working.exe

  • Size

    3.1MB

  • Sample

    241225-xs71latnam

  • MD5

    d99ad666c46f6027182170b415628651

  • SHA1

    95e57ce111b72ea7b062e3d87165416eb6ee6141

  • SHA256

    3d8d2e7e8d205f96165c848b68671b13fc419ae0429a6079999344a925f44d41

  • SHA512

    af808083c25b323120bcee39189fc06391a97f54dc11724c33070dfe6bddf32dbd2fef4543a8202eec5d77a7b2d25a76dcb952de48d5c5b81bc0cae8d4bddacc

  • SSDEEP

    49152:HvIcfX2hcawDEhPLl8r/ptXpga584hxOEMkak/Jx3oGdq7sfTHHB72eh2NT:HvBv2hcawDEhPLl8r/XXpga584hx99

Malware Config

Extracted

  • Family

    quasar

  • Version

    1.4.1

  • Botnet

    minecraft_updater

  • C2

    98.97.12.133:631
    98.97.12.133:41685
    98.97.12.133:5353
    98.97.12.133:34735

  • Mutex

    182d06ff-972f-4a96-b344-59a01694d374

Attributes

  • encryption_key

    C5904FDD788EA00F921C538B9FE80C0B0A0DE728

  • install_name

    MinecraftUpdater.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    MinecraftUpdater

  • subdirectory

    SubDir

Targets

    • Quasar RAT

      Quasar is an open source Remote Access Tool.

    • Quasar family

    • Quasar payload

    • Executes dropped EXE
