General
-
Target
Client-built.exe
-
Size
3.1MB
-
Sample
240623-dcrtwsxbqe
-
MD5
d15aaa22eb03b31937925310c3d36411
-
SHA1
45898e18f05d508753c7f051f671c21f4f3324e8
-
SHA256
7c45872682181142c0baf0c738d36ffe0a466c39ea4be1a673b7304426a5606e
-
SHA512
6127d1216c41ade025c98727a770d45e852978affa441eb45da108334b28c542e144157b070ec931440109d0890c843af305a29dc829bbc27a9d936df6ff982d
-
SSDEEP
49152:uvbI22SsaNYfdPBldt698dBcjHlXsAdpiLoGdi5zTHHB72eh2NT:uvk22SsaNYfdPBldt6+dBcjHhsH
Behavioral task
behavioral1
Sample
Client-built.exe
Resource
win7-20240221-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.0.1:8096
f897331a-e70c-4b37-9939-0865729f7475
-
encryption_key
1E5FEC53491F397A647C164995877CF2E1897DD5
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
Client-built.exe
-
Quasar payload
-
Executes dropped EXE
-