Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Client-built.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Client-built.exe

  • Size

    709KB

  • Sample

    250321-kna4vazky2

  • MD5

    fd6c070bd73e1d309f88673d8d58473c

  • SHA1

    f0484f8b8027dcdfead9b003cfb45d21f2d149d0

  • SHA256

    9bff660ecc7e30532b88fdaf74b6e753038e6f9f5c025e0d0cbcc39746f5eb12

  • SHA512

    e94c82546d067230847ce5f98e9df1b6404557d0c1e408ff75cc9fecf044916be753e77e2b1568fafcfb8cd5bad06be53e9c085b2de1cc6d8a4640db7140cd8d

  • SSDEEP

    12288:Xzp8wFhYlxlRE2RfavhwYQlMyBIXA6uFT2rKB7O5I:Xzp8wFS/lYh++XaT2IO5I

Score
10/10
quasaroffice04discoveryspywaretrojan

Malware Config

Extracted

Family

quasar

Version

1.5.0

Botnet

Office04

C2

things-therapist.gl.at.ply.gg:55709

Mutex

46695859-704e-4cc6-882e-2e79ebc7fa26

Attributes
  • encryption_key

    5E02B559228DEC6AB6F3A4E76D7B3E6DDA1F950D

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Modded Client Startup

  • subdirectory

    SubDir

Targets

    • Target

      Client-built.exe

    • Size

      709KB

    • MD5

      fd6c070bd73e1d309f88673d8d58473c

    • SHA1

      f0484f8b8027dcdfead9b003cfb45d21f2d149d0

    • SHA256

      9bff660ecc7e30532b88fdaf74b6e753038e6f9f5c025e0d0cbcc39746f5eb12

    • SHA512

      e94c82546d067230847ce5f98e9df1b6404557d0c1e408ff75cc9fecf044916be753e77e2b1568fafcfb8cd5bad06be53e9c085b2de1cc6d8a4640db7140cd8d

    • SSDEEP

      12288:Xzp8wFhYlxlRE2RfavhwYQlMyBIXA6uFT2rKB7O5I:Xzp8wFS/lYh++XaT2IO5I

    Score
    10/10
    quasaroffice04discoveryspywaretrojan
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks