General
-
Target
test.exe
-
Size
3.1MB
-
Sample
240701-xxmkfsvblb
-
MD5
bb77540fd1314aa2494885ee22e3174f
-
SHA1
31592d6392e80ff50262733f701d6472966efb17
-
SHA256
18635a10a0e261f0adef5efa9b555d830703048a35e19324d47ab7a9092cc17f
-
SHA512
2aa1fd48664d654d63b6da4fa36051cf1e50c4ef0f08ec4d1d05132abc5758e57754109a05d09c680a778499fd454a7af7615db37fcb7672a52e340461f4016c
-
SSDEEP
49152:Dv3lL26AaNeWgPhlmVqvMQ7XSK0Cx1JneoGdEpaTHHB72eh2NT:Dv1L26AaNeWgPhlmVqkQ7XSK0C8U
Malware Config
Extracted
quasar
1.4.1
Office04
people-climbing.gl.at.ply.gg:54251
c7dd3b7a-8fe6-43f2-bded-552f90aecb46
-
encryption_key
C3447618C6C734E098F3A7B011F0BA0D606BC5AC
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
test.exe
-
Quasar payload
-