MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 10b2e74fdeacd4b00b7687eca2f1bfe0c30901561453ae6c1b9549406b29615e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 10b2e74fdeacd4b00b7687eca2f1bfe0c30901561453ae6c1b9549406b29615e
SHA3-384 hash: a49f6eee191c02a1d99bf7fdf95dec5700dfb8ca85dd819156488cbee4dae12024d69723191318abfea7a5e794be3f9a
SHA1 hash: 8411fd9c37200436f94a0459c0205b43d2c06a6c
MD5 hash: cb2c94881fae75774b495548bc9e90f7
humanhash: burger-bravo-blue-wyoming
File name: 10b2e74fdeacd4b00b7687eca2f1bfe0c30901561453ae6c1b9549406b29615e
Signature: QuasarRAT
File size: 1'421'824 bytes
First seen: 2020-06-30 06:55:25 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep: 24576:XSOrFaNXrdg/znNdmkgC+heOwIWOXo8jB:COrENq/LCS+aIWi
TLSH: B1657B20A255522FC4F7DAB50611918733D4BD33BB88FB0A6C803199997EA3D1F37A97
Reporter: @JAMESWT_MHT
Tags: QuasarRAT

Intelligence


Mail intelligence: No data
# of uploads: 1
# of downloads: 28
Origin country: IT
CAPE Sandbox:
  Detection: n/a
  Link: https://www.capesandbox.com/analysis/16846/
ClamAV: No detection
CERT.PL MWDB:
  Detection: n/a
  Link: https://mwdb.cert.pl/sample/10b2e74fdeacd4b00b7687eca2f1bfe0c30901561453ae6c1b9549406b29615e/
ReversingLabs:
  Status: Malicious
  Threat name: Win32.Trojan.Coins
  First seen: 2020-06-30 02:16:22 UTC
  AV detection: 20 of 31 (64.52%)
  Threat level: 2/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage:
  Score: 7/10
  Malware Family: n/a
  Link: https://tria.ge/reports/200630-m9fj6lcnvn/
  Tags: spyware discovery persistence
VirusTotal: Virustotal results 1.41%

Yara Signatures


Rule name: Quasar_RAT_1
Author: Florian Roth
Description: Detects Quasar RAT
Reference: https://www.pwc.co.uk/cyber-security/pdf/cloud-hopper-annex-b-final.pdf

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments