General
-
Target
a92b1b7ad45113f22a22e554d3b0521b2d1c10528ff6d541836cac16c0eddc26
-
Size
3.1MB
-
Sample
240702-g63p2atfnj
-
MD5
8499a3b1d99e207ebebbb8baafa0da1e
-
SHA1
df21c8f1385a708fd6d142db3c4af2f1417a4aa1
-
SHA256
a92b1b7ad45113f22a22e554d3b0521b2d1c10528ff6d541836cac16c0eddc26
-
SHA512
254362c9ca87f5dbd40578a26b8b3e44bc09d86d7f2351e46a8e7559d3d865b993d08d42c68b53222f713adf812b4a7ad32204c6f5a24e6eb59b718ff36dd8c5
-
SSDEEP
98304:Sv462XlaSFNWPjljiFXRoUYIwxj1uZsvi:UwZY5M6
Behavioral task
behavioral1
Sample
a92b1b7ad45113f22a22e554d3b0521b2d1c10528ff6d541836cac16c0eddc26.exe
Resource
win7-20240508-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.1.6:4782
7e39441d-bf3c-4e76-b218-17218a11a5ae
-
encryption_key
4228EF6C98C943B084BBAB0B946094AB34DE7807
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Win32
-
subdirectory
SubDir
Targets
-
-
Target
a92b1b7ad45113f22a22e554d3b0521b2d1c10528ff6d541836cac16c0eddc26
-
Size
3.1MB
-
MD5
8499a3b1d99e207ebebbb8baafa0da1e
-
SHA1
df21c8f1385a708fd6d142db3c4af2f1417a4aa1
-
SHA256
a92b1b7ad45113f22a22e554d3b0521b2d1c10528ff6d541836cac16c0eddc26
-
SHA512
254362c9ca87f5dbd40578a26b8b3e44bc09d86d7f2351e46a8e7559d3d865b993d08d42c68b53222f713adf812b4a7ad32204c6f5a24e6eb59b718ff36dd8c5
-
SSDEEP
98304:Sv462XlaSFNWPjljiFXRoUYIwxj1uZsvi:UwZY5M6
-
Quasar payload
-
Executes dropped EXE
-