General
-
Target
Client-built.exe
-
Size
3.1MB
-
Sample
240614-nccebasarn
-
MD5
f4b998836fb1b6c39db4595d5c84f695
-
SHA1
4f16db34da13190ca66c425f41611d4feec2ad5a
-
SHA256
40f98d7fbfe7b67d42dd7283eac6a78772d11fd15b7417ad87668ede8b720d10
-
SHA512
40e742bc94e39dfecfb3a345b7e2cb79d95e5055bac8041618b440b2ca0a179f2b7be78ac428a162ceda7e0ad1ecd176558735728e4fd5142b189a7ccbd927c8
-
SSDEEP
98304:SvI22SsaNYfdPBldt6+dBcjHxdfiMuwrR:Ud7jRdZuwrR
Behavioral task
behavioral1
Sample
Client-built.exe
Resource
win7-20240611-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.1.61:4782
0e842667-4449-4827-a1df-8a7b226ad226
-
encryption_key
BC40E9AA01DDEF86F859374E48D80D397A6EB8D3
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
Client-built.exe
-
Size
3.1MB
-
MD5
f4b998836fb1b6c39db4595d5c84f695
-
SHA1
4f16db34da13190ca66c425f41611d4feec2ad5a
-
SHA256
40f98d7fbfe7b67d42dd7283eac6a78772d11fd15b7417ad87668ede8b720d10
-
SHA512
40e742bc94e39dfecfb3a345b7e2cb79d95e5055bac8041618b440b2ca0a179f2b7be78ac428a162ceda7e0ad1ecd176558735728e4fd5142b189a7ccbd927c8
-
SSDEEP
98304:SvI22SsaNYfdPBldt6+dBcjHxdfiMuwrR:Ud7jRdZuwrR
-
Quasar payload
-
Executes dropped EXE
-