General

  • Target

    fag2.exe

  • Size

    3.1MB

  • Sample

    250128-kgfezstler

  • MD5

    62ecc4488afeb613a7c810bd440b576b

  • SHA1

    246e4ef9a77cea86b1e4d30dc2ebe6e4b029fd7e

  • SHA256

    1ec8c408399a662ff7cdd60cbc8c241559cc4e7b159ffa63ac9751d96dbb8c16

  • SHA512

    268a1d3eee2f5c1e306a3fe007fd7869903de21f92e89bfeca85790e7703985f358f07fb8f82dce74ccf917af1b28f546de9ef193221e2269c6d10ac501f4a75

  • SSDEEP

    49152:3vbI22SsaNYfdPBldt698dBcjH4dRJ6NbR3LoGdDiN1THHB72eh2NT:3vk22SsaNYfdPBldt6+dBcjH4dRJ6fT

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

100.108.37.105:4444

Mutex

95a85978-c10d-4a09-935b-c02a2a18a609

Attributes
  • encryption_key

    6FDAA03D192B9C03BF83E41A8BBF78996D321E27

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir

