General
-
Target
Client-built..exe
-
Size
1.4MB
-
Sample
240705-p7rcds1elc
-
MD5
f5c2be73823ebb66785a83768e52e980
-
SHA1
41fe86f34561783ea286d9cb5cf5310d3996c6d8
-
SHA256
21a458f98a08c49906ddeb20fb058350419d8cab506f20408d57db41afbb4d59
-
SHA512
63149a433d474452062404d09865e9efd0be9dafb9866da7e1dd149880a711be540bd13b3c80e8d811a0ff0811c88122dbdaf3ac1885eaa99d88c430f1118b7a
-
SSDEEP
24576:SBkVdlYAW0YS6qo50Np1eydBHUKCdaWhvqJzGQHlk27D20jtS7IaqX4u3YTu:2svwpmNveAHUKCXhNQHlk27D2yS7U4/K
Static task
static1
Malware Config
Extracted
quasar
1.4.1
Office04
five-sequences.gl.at.ply.gg:47561
52538090-621d-4a1c-a61f-f49482c94fb1
-
encryption_key
7B4436DBF50D42B9F94267172ADD0B3430D55E7D
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
Client-built..exe
-
Size
1.4MB
-
MD5
f5c2be73823ebb66785a83768e52e980
-
SHA1
41fe86f34561783ea286d9cb5cf5310d3996c6d8
-
SHA256
21a458f98a08c49906ddeb20fb058350419d8cab506f20408d57db41afbb4d59
-
SHA512
63149a433d474452062404d09865e9efd0be9dafb9866da7e1dd149880a711be540bd13b3c80e8d811a0ff0811c88122dbdaf3ac1885eaa99d88c430f1118b7a
-
SSDEEP
24576:SBkVdlYAW0YS6qo50Np1eydBHUKCdaWhvqJzGQHlk27D20jtS7IaqX4u3YTu:2svwpmNveAHUKCXhNQHlk27D2yS7U4/K
-
Quasar payload
-
Executes dropped EXE
-