General
-
Target
Skibididtoilet.exe
-
Size
3.1MB
-
Sample
240614-x28ngssglg
-
MD5
8f1719e375603f60acae2ec53c8021cf
-
SHA1
449f8a41edbd7e044b7f72c5490f12495c76642b
-
SHA256
0c35263f6a4b83dd522bda60fe30e07eb3a6ef3619c8061c578a603bc1aecb61
-
SHA512
8468c96ab0e2cdd1b5924a63162a87113bddb8b8c2b20fcf14528a5a6fac190d42d80aeb82400d45ebedd328d5c66d8bab3287607b57253e1ec0a761b9b05ffb
-
SSDEEP
49152:3vZI22SsaNYfdPBldt698dBcjHX0aDo+boGdXTHHB72eh2NT:3va22SsaNYfdPBldt6+dBcjHEaDoO
Behavioral task
behavioral1
Sample
Skibididtoilet.exe
Resource
win7-20240611-en
Malware Config
Extracted
quasar
1.4.1
Office04
147.185.221.18:18043
973de4bb-9630-4798-badb-35c53e068b10
-
encryption_key
1F7D88978B03E5C08F9DEDBD0A0F2EF673BE9527
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
Skibididtoilet.exe
-
Size
3.1MB
-
MD5
8f1719e375603f60acae2ec53c8021cf
-
SHA1
449f8a41edbd7e044b7f72c5490f12495c76642b
-
SHA256
0c35263f6a4b83dd522bda60fe30e07eb3a6ef3619c8061c578a603bc1aecb61
-
SHA512
8468c96ab0e2cdd1b5924a63162a87113bddb8b8c2b20fcf14528a5a6fac190d42d80aeb82400d45ebedd328d5c66d8bab3287607b57253e1ec0a761b9b05ffb
-
SSDEEP
49152:3vZI22SsaNYfdPBldt698dBcjHX0aDo+boGdXTHHB72eh2NT:3va22SsaNYfdPBldt6+dBcjHEaDoO
-
Quasar payload
-