General

  • Target

    Client-built.exe

  • Size

    3.1MB

  • Sample

    240620-s85g7avhje

  • MD5

    956bf4b33cb9f9652392ba30be4d8d70

  • SHA1

    e56884f22c4ca45176cdb01d936fd982b461807a

  • SHA256

    548088bf8bf48ba7183eb61368fc76fdcbbd6079ca903d72d595a32853121ddd

  • SHA512

    27b77712d01af6840ed441b1616674155363786f88e4750255eb4e9e735de99c3da1b0b4f4052c6b68c4be712c117314032a760db3f323d0fde6e2acabe308e8

  • SSDEEP

    49152:nvbI22SsaNYfdPBldt698dBcjHQxiCuBeALoGq2THHB72eh2NT:nvk22SsaNYfdPBldt6+dBcjHbCY

Malware Config

Extracted

  • Family

    quasar

  • Version

    1.4.1

  • Botnet

    Office04

  • C2

    192.168.81.128:2200

  • Mutex

    5e22b217-1068-4670-8825-0d956644bffb

Attributes
  • encryption_key

    2EEA324C975DB97EE9BDD19003D70E04CD74BAF2

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir

