General

  • Target

    874dc85b74f8ee6a116d38453078905ee487949425e97a42de9b258dd6b8bbf5.exe

  • Size

    3.1MB

  • Sample

    250128-hde9ps1kaj

  • MD5

    c965446805dc5c40e1bffe859716bea7

  • SHA1

    7d6b257f8f830f512552bd11b36bb1fc88a1e966

  • SHA256

    874dc85b74f8ee6a116d38453078905ee487949425e97a42de9b258dd6b8bbf5

  • SHA512

    157b7d59cb94d83dceba138207f1d335df6f9da90c510cbad8e0b252173be05679352de83d2aef2e3ae3d7de58f7253f93422b44680d2cb63e6c3640fd68233b

  • SSDEEP

    49152:bv1I22SsaNYfdPBldt698dBcjHQFwGSBe1LoLdfTHHB72eh2NT:bve22SsaNYfdPBldt6+dBcjH5GD

Malware Config

Extracted

  • Family

    quasar

  • Version

    1.4.1

  • Botnet

    PrudaBackend

  • C2

    45.131.108.110:4782

  • Mutex

    8f8e6059-ac4f-4e47-8d62-3ce070083ecf

Attributes
  • encryption_key

    D82EC4913FC5B28DDFF5AC48635D190A9342C6BD

  • install_name

    update.exe

  • log_directory

    Logs

  • reconnect_delay

    2500

  • startup_key

    Runtime Broker.exe
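
The extracted config above is most useful as a set of hunting checks. The following is an added example, not tria.ge or Quasar code: it takes the config values shown on this page and runs them over a few constructed Sysmon-style event records. The mapping of config fields to on-host artefacts (the `startup_key` becoming a Run-key value name, the `install_name` becoming the dropped executable's file name, `mutex` being held by the running process) is an assumption about how Quasar 1.4.x installs itself; the report itself only states the values. The event records are constructed for the example and are not from the sandbox run.

```python
"""Hunting checks built from the Quasar config extracted on this page.

Added example; the telemetry below is CONSTRUCTED Sysmon-style data,
and the field-to-artefact mapping is an assumption about Quasar 1.4.x.
"""
import ipaddress
import ntpath

# Config values exactly as extracted on this page.
CONFIG = {
    "c2": "45.131.108.110:4782",
    "mutex": "8f8e6059-ac4f-4e47-8d62-3ce070083ecf",
    "install_name": "update.exe",
    # Note the space: the legitimate Windows binary is RuntimeBroker.exe.
    "startup_key": "Runtime Broker.exe",
}


def parse_c2(c2: str):
    """Split Quasar's single 'host:port' C2 string into (host, port).

    rpartition keeps a trailing port even for IPv6 literals; the host is
    validated as an IP because this sample uses an IP, not a domain.
    """
    host, _, port = c2.rpartition(":")
    ipaddress.ip_address(host)  # raises ValueError on anything that is not an IP
    return host, int(port)


# Constructed Sysmon-style records (not from the report):
#   EventID 1 = process creation, 3 = network connection, 13 = registry value set.
EVENTS = [
    {"EventID": 1, "Image": r"C:\Windows\System32\update.exe"},
    {"EventID": 13,
     "TargetObject": r"HKU\S-1-5-21-1-2-3-1001\Software\Microsoft\Windows"
                     r"\CurrentVersion\Run\Runtime Broker.exe",
     "Details": r"C:\Windows\System32\update.exe"},
    {"EventID": 3, "Image": r"C:\Windows\System32\update.exe",
     "DestinationIp": "45.131.108.110", "DestinationPort": 4782},
    # Legitimate Runtime Broker: no space in the file name, must not match.
    {"EventID": 1, "Image": r"C:\Windows\System32\RuntimeBroker.exe"},
    # Same C2 host on a different port: worth a look, but lower confidence.
    {"EventID": 3, "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "DestinationIp": "45.131.108.110", "DestinationPort": 443},
]


def match_events(config, events):
    """Return (rule_name, event_index) pairs for records matching the config.

    The mutex is deliberately not checked here: Sysmon does not log mutex
    creation, so that indicator needs a live handle enumeration instead.
    """
    host, port = parse_c2(config["c2"])
    run_suffix = "\\run\\" + config["startup_key"].lower()
    install_name = config["install_name"].lower()
    hits = []
    for i, ev in enumerate(events):
        eid = ev.get("EventID")
        if eid == 3 and ev.get("DestinationIp") == host:
            # Exact host:port from the config is the strongest network signal.
            if ev.get("DestinationPort") == port:
                hits.append(("c2_connection", i))
            else:
                hits.append(("c2_host_other_port", i))
        elif eid == 13 and ev.get("TargetObject", "").lower().endswith(run_suffix):
            # Run-key value named after startup_key, under HKCU or HKLM.
            hits.append(("quasar_run_key", i))
        elif eid == 1 and ntpath.basename(ev.get("Image", "")).lower() == install_name:
            # update.exe is a generic name; treat this as corroborating only.
            hits.append(("install_name_process", i))
    return hits


if __name__ == "__main__":
    for rule, idx in match_events(CONFIG, EVENTS):
        print(f"{rule:<24} event[{idx}] {EVENTS[idx]}")
```

The install-name check is intentionally the weakest of the three: `update.exe` is a common name, so on its own it only corroborates the Run-key or C2 hits. The Run-key check is the one that survives a C2 change, because the value name is the look-alike `Runtime Broker.exe` (with a space) rather than the real `RuntimeBroker.exe`.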

Targets

    • Quasar RAT

      Quasar is an open-source remote access tool (RAT).

    • Quasar family

    • Quasar payload

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
