General
Target: exe.exe
Size: 3.1MB
Sample: 240616-fhtxjsvall
MD5: 2dceccd0788fa96dc8854d68310d64fd
SHA1: 52c0f393c45a9a84c9af366f6b4399130b282ad0
SHA256: af727097e1fbc87bd6cf2084c363518b40d49f5f54f934347536e35db437637b
SHA512: 3df73315e46bbfdb90235988a47406fd77a735cdaa182ead9be30655c10ad7a7e51b5bd6f9d22635686b449820d045e3ba8d632b8564840f9cfb4156cb2ab9f1
SSDEEP: 49152:rvtlL26AaNeWgPhlmVqvMQ7XSKDCZ1JkeoGdZfTHHB72eh2NT:rvTL26AaNeWgPhlmVqkQ7XSKDCZ
Behavioral task: behavioral1
Sample: exe.exe
Resource: win7-20240221-en
Malware Config
Extracted
quasar
1.4.1
Office04
147.185.221.18:18043
147.185.221.18:1358
b70563dc-1a4b-4e44-8c78-87c8f325342d
encryption_key: 211206313CE42AACEA301C4CAC6CB50A5128C03B
install_name: Client.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Quasar Client Startup
subdirectory: Management
Targets
-
Quasar payload
-