Malware researcher, @JayTHL, spotted the recent variant QuasarRAT malware and shared the details in his latest tweet.
https://twitter.com/JayTHL/status/1188498558653206528
VirusTotal details about the malicious link (downloadable):
https://www.virustotal.com/gui/url/97d944bd2b651d772469bb3142d2a743cff089c4c9b90506dd7836be6bb5ddc6/detection
With the help of VT submission of the malicious URL where the malware is hosted, VT takes us to the detection of downloaded malicious binary.
https://www.virustotal.com/gui/file/7eddd7ae2a9c7635cc8ddb303d264e6e28c77109f7e075a4dbb7c7f123a3db51/detection
Full analysis available here: https://www.hybrid-analysis.com/sample/7eddd7ae2a9c7635cc8ddb303d264e6e28c77109f7e075a4dbb7c7f123a3db51/5db5cabc038838d85deae1a5
Indicator of compromise details
URL
hxxp://cdn(.)discordapp(.)com/attachments/539479686233849867/539525152690536458/aimware_by_unoment.exe
Hash values
SHA256: 7eddd7ae2a9c7635cc8ddb303d264e6e28c77109f7e075a4dbb7c7f123a3db51
MD5: 18cbade6358ba14369fd45b81bb6ec5d
Post by
https://twitter.com/JayTHL/status/1188498558653206528
VirusTotal details about the malicious link (downloadable):
https://www.virustotal.com/gui/url/97d944bd2b651d772469bb3142d2a743cff089c4c9b90506dd7836be6bb5ddc6/detection
https://www.virustotal.com/gui/file/7eddd7ae2a9c7635cc8ddb303d264e6e28c77109f7e075a4dbb7c7f123a3db51/detection
Indicator of compromise details
URL
hxxp://cdn(.)discordapp(.)com/attachments/539479686233849867/539525152690536458/aimware_by_unoment.exe
Hash values
SHA256: 7eddd7ae2a9c7635cc8ddb303d264e6e28c77109f7e075a4dbb7c7f123a3db51
MD5: 18cbade6358ba14369fd45b81bb6ec5d
Hashes (SHA256)
|
eef69ca159a373c316a43749e973721829c2336b9cfcd8f09f734df260c23e95
|
3435137ca7df3e1ff8f717a460b50e80d4f35a3bf94507a7f596aecbbd511e5b
|
e7e8392db5612b5c7cd7f4dbc94e8941528195f4bf2e23561880ccd30f3cb10a
|
16ea8bcfe7741637f7b6f4e343a3b1ffd7e11ef35f706397afabbbed141007df
|
de875fe6e9d8cb7d4e865012f746bf1f12a07e96125609cc8d5434ab198ec261
|
4a39446015c4927dd865b5ea92ceb30fe683521fb177de0e7b744671366e5c7b
|
3ffd305c87ffa7bbf1f026a0b407a704ed16b8adadc1f3693721b702405bd1a5
|
0c5cf84db132d4e6f9bffd0c3c4b566cff5917af3078e28d2b1f98af00ff5f09
|
22054f1acaf37d7b733b25e7d9a5fd5ae8fcadd2fa2369f4a7f58a442b23bf0d
|
6d35a5353b42c744f877555813d7b7148f8e90fbb8e2ac60f9a35650642908bc
|
81527cfc36c55614813b6521216068a00eb64b017da58a8b3d0f546abf3647c2
|
7d572b9e0519f03a31055cc9b2abe5cc0e4f4935c5eac1fa7b80ee9365250b36
|
30965f548ee740f53bb159e1aa6b1b1c9780c6fb0d967cf07e21187f7413d292
|
64163574a56709146ffd5f6307712dd18449f90037d5a6d8dcc03e66098da5d7
|
23c5c06678fd0c2af15386359d632311e16376f03fa5f0bead6ad3f3937f6988
|
d94e5b12dd89ac6a3448f359de9211d3b1fe2690b9728af224135099db64adcd
|
db436c616ad19ea7423d7e39428df4e0d1d36439318f02661cfea509803df836
|
ad43d6576e884b6709b7971ecda524325bb769e06382eecf5ba1678f94c23f0c
|
687cfa2ce5338c5d2c3f37551b6f1f91fd0530b796fd4ac84070e67bf7e46b15
|
11ea1b2adc2340f60076f0b45a608c8dd23fb7598290d5a47778cfc87e1961a9
|
cd529257eaddddf5844fac1d3fd3f2fb2634db0fb041ef43dcd24dd48949ebee
|
ce2ea98809e3d00ae9abcb858e4d30418a4c5cbe38cec6257c99fc207a59b296
|
fe71e3e8bfafa746c699b0936dadd819f9e93ec7d425e613ceb8e259f69dc968
|
656dc1f6b08d7149d9d9528ccc01a9ba1055d9b693080e1216fdaa66c8926243
|
08ba24e0aaebd92826ee93485c83a54f7cf76d2696e36686fb3d4f560332ccdd
|
b0c6adef54f7998e49f93158e1c69ad69abb2fd7822d2f8f0a02969598324f63
|
80a3a12a932200da0579e4a50071ea522b1a4a172fd78bccb736c28e989cc8ce
|
3d30f856e5e8ebe1d185e5465970081fc4cf71630e77a7bddabb55dfc9f98704
|
ec73f098193c996e622190283eb595faf4180a7fc34e48f9ace5831bda7f73df
|
cfc90f079a09ed8c3f59365f3d66fe1268570c0811998255e5c0de2e122dd539
|
6969956c0ff6c8936b7e48070f5e5dd2a1146a0ce2cb83317ddd897b2edd78d3
|
0aeb2e77a39921c7e55f62d9df0667687b914a28a51ec0e2c42705325d5d02ee
|
f8466b3e368192db6b503488fd448027422ab8f4a716f7747b93967d90cca96c
|
42b686574187695b6c9320ff8bd25af182b6ffd3e582fc583b3ce3e28f33812d
|
301b0ebc7fa82c107b33b2f12a4a7dd8844e30d012111da60ea9f3b6f43a8eed
|
2e306ce3c8d3030774ffe5b4e8309a81f2f02f2f5de0787ad13f0c4b772f5d94
|
85faf015600f0b8af02d566c721746b5fd89727109dbd7004e65f6704cdccadd
|
b0118cca16b4e022f3a354f4480c9787e962a716f23c0a9f11360f15f30fb405
|
bd58a1471b00298ce1c0a0dcc04a50f9786b500fd3b2ce040c177c2902abb888
|
3e066e8031cf9e09d4f247dc45be9d73ef4c3d1f41e29624c8d8da328af6505e
|
e82e493fcad4c4ba3c2c613b01d665af63e4d4223ec784e49b2d7a11c359faec
|
8e06158d096f4407895848e6257c08f2ba11946686b533a9d0af3b1eed1b05b5
|
3e7939b1f39fca3024331001b5e2421185f2d6bf8c6f2c213f742d507fb6b04a
|
ccbe11842ff3cd440993a95669858612ef2d1edf2a363135363410bdb9ee9b80
|
e9f810336cf31f90fd766df6a05ca241216cc8225f54b6f9d09266ebd5f9bd0a
|
634bf2352acbe1d0217d41c3bfe8ce1fa72b06b3e0a318610ace45b3f533b36b
|
9ac63142cdd7e0cf0afd215673eee456e3801eedbed87e92e90b3595f27d5505
|
5a12d3cfc2f4be6eaeefcbee85fd2abaa7868a129bd23684486b76475f514bb9
|
6ce89e7785ff9a4aebd473a04226b8eb717d8b7df8278b6a2c609465a35cc5e1
|
e587131545a5dfd4fa42c266b628223203935b8b2c3384f95e864758176ba575
|
60e9605a89f135543c8526d295556f8b50f8cd87b182c621d3ac3e1010e53598
|
331cc49eb3257443641d293fda756a23fa977659239ecee97ea2a51a39e6d815
|
aaabed700aba6f99c0b4f8b67eba3178c36fa27220679aa0056d7dcab3149a77
|
8a4a47a13453784db6cafd45818ffda4a3c7c9d4b24aaefb25efc661ff394e39
|
2bab6b81e8d424ddc60673f975689c3423b923866cef59ea8580beca06fb42a2
|
a1cbb663744e0142cc41b293b0a29975f27e316c911312c33a49d783aa530757
|
0b66cec4c83a01487185b49ef20ddc145797cff0dcea6d6f84523c6e0fdde8f9
|
d91599db63c3a0325e0a09dfece25ea1484e39f04052246918b9b8865f2aaf46
|
73003fa41bf6102da0b887ade4be461faf4a6d83c972a2a54a42c0e96671c78d
|
f22eeea7cc3803a6d0137361cab326160a7062a375d611962cbd49da127ca646
|
db77ba4de800deda4558d10dbb211f570ba282ad404de11040790bf7c1ea9be4
|
d92faa9ccaf03c74c0caf5ef7557719430ee4a0459653fe61652bd5ed67ac89d
|
dd8a3b2efbf540b79ecb514029611ad974f34294768137ad15f575b5de76a0a6
|
feaeaf586b9d4b320bdd3a23b2a08f1617609f575f52441b35213f2f76795c2d
|
341a1d43cc0ec0d093bb12c485f05d284d2734ead5cee5c2b119b907bcefceb1
|
03ccb403722acb37e2fbc7370bbdd5460d8d9ffc82ac248f98a6182cca2105eb
|
a660ad350270ad0e96a578c3fdfba72d2399fe09438f8ecb79d4c831bb35ea4f
|
6c59ac2d51e7f06e82b33c697107a0ba27779382f07754fa9f0e283be84940e5
|
a8c6db1806d4d1a61f50deed3b6be2fb2ae8fb96b2a9adf31cf63246742c2222
|
893ed13d74cadec7c529a6b5dd5c05b242266cd6ae40212a99760bab840faf3c
|
300d134b52e3411c83d99791faf60637f90a7a937c009a3b3b97cfb89970724a
|
9bf0a13dbb62e85c94b83e8346ccdd87aafa17ea42de07c3a11240ec3999cd01
|
774b46c1435d90866f96e5c9cd42c9f8b031f52dde2c697e0e5308b9c829b7bd
|
12a064ba5e8bcaf5d6ece0edf954f22da4dd154d5f023e04609851b350a71dd9
|
9ecd37e1c59d700bde853b0754f44a5f39c22920c296efc47c41052f51be1f11
|
efe40f50e7a4309443623cc07bac2cd04a34c7998bdfdbdd8d4767825cfd5a43
|
21e0eef49f0c1c6fec5ebf2f1ba5fe8fb7ff8879f77a1a8cf344d018a9d48926
|
8bdcbb7eaec5f677edb883f1c69c8dbde8ccf310529feb955a05863c1716d40c
|
5e589ed0dbd22ddde86cd9e2a73e3df5725985648dca3208ac78168335d2a9a4
|
7917f8fd73745ca7700ff16f4aa60f53da4963c3befb5cf4302ed9ef66557ea4
|
9c2adff67e92c3c3e062803b9374d763f58c8791bf0da512d14bf69c0fc72ae3
|
ca88385b5be8c5162bce8e96f9a64a4f83966f69ba8ecb60d8dc44451f15e472
|
4dab190d819bf458930d3cb576063cdb982a3b79ad474920eb7f94c1b6b0ce56
|
28aa673ef01614173f399c1b370040ed5b4d82a4e980223536c85179ab8d0913
|
73a54ff1a4b3a7e79a428d6abd6c070caba141cd67055ae639eba726f7a47597
|
1ed4cf66301ffced00723d28d94a388aca5c09bc0a81f4637c8f43adb31b9e6b
|
1c9608fd07d1354b76ccacea2bd849df243549901b23c86a210051762e143bea
|
15665bb773f9c60f8fbd7d8e4911f3ffd0c62efc1fafef3dda194cd2f7ec82f6
|
d0a886f7f5290c0f144082d5d0a0559fb5bbe701cbecd91e979f90e8aa20d49d
|
d0a886f7f5290c0f144082d5d0a0559fb5bbe701cbecd91e979f90e8aa20d49d
|
162f0752e87f08fc0c5391736d06b24cb1140268975854532715dfc07a3d7bbc
|
5d47222daa75677423229dd26fc532b52b4ada8fac49aa22e9fdfc086e5e5228
|
b2d0b78d27b1c437f253a29c7a6488e52087c68e9460fc6c0c110d66b7d6ffbb
|
4db0d6b7ff9d8d4d438980fedea7a044c4e0986166a73ab011dc2e24a3212ce9
|
cacd11f2fc3eee088677da390820d86070f376bff9f779579e6155a9861b618b
|
0c81c98a58241271893cc82cb8f4c6547b60da90687df99ee0ba5ee7e503563b
|
766478e6d69e8c6e617e4aa9ba94283f73bceb0e3b1fc21c537ca4477ea56e8d
|
1ac9b4660a718fc6e6884f52ec7bfbe3e6e91bd35935582a282e0db90c3d2a12
|
33a84165ae372f11a5499266a6960670852736b7fbb7f13fa62cc1b628f0b2d4
|
ba85749b999b626a616a8ab24492878015ef27eea2e150189db6582359a3d987
|
Post by
No comments:
Post a Comment