General

  • Target

    23d78defb24bc7e2496d016a368054df8f7f9b64988ffcba00dab9311b7329d4.exe

  • Size

    3.1MB

  • MD5

    57caa771cdc49a089b783f3df4e72f99

  • SHA1

    94609144f4752e594e6f569f05cea5c2f80473e0

  • SHA256

    23d78defb24bc7e2496d016a368054df8f7f9b64988ffcba00dab9311b7329d4

  • SHA512

    f145321b4bf217ae71855a86619faf8f17ae8f3f1f13f4611f5e7809cba5c1fe71185d8227897fb7f83741b2cc348792ae918e45d98e9c0d647dcc0f7e3ea2f0

  • SSDEEP

    49152:CvWI22SsaNYfdPBldt698dBcjHM9RJ6DbR3LoGdRVTHHB72eh2NT:Cv722SsaNYfdPBldt6+dBcjHM9RJ61B

Score
10/10

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

7332

C2

149.50.108.116:7332

Mutex

41fce632-c870-4911-98d8-32bfb4cb74f3

Attributes
  • encryption_key

    5F29C07D7CDED6776D9E269C35195B7318EC31BE

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir

Signatures

  • Quasar family
  • Quasar payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 23d78defb24bc7e2496d016a368054df8f7f9b64988ffcba00dab9311b7329d4.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


