General
Target: slowpihax-cracked.exe
Size: 41.2MB
Sample: 240705-saya8azhjq
MD5: e1aacaff10385b4147cf0c78b9e6cf3e
SHA1: fd1f946cbb067e4af14e7795eacb3b23e79d73b4
SHA256: 332a9d220e346c1d0ed92192147ff8cf234e42b9e422c9023d33686034b2676e
SHA512: ca6eb54b5e5c20ef5c99998486ebc8dadc549eca0f82416ed1377b3f2106db2255979e223571f1c77c7fcf1e4dfdf5bc3a5ed01e852ec5c3708503800ffd4799
SSDEEP: 786432:m40HRuticyhpmVdVzGXTOV7I/P8vHBoqp4ZFQiq856KuE+9xHQXnMtq6gNqPiJx9:X0o0hIGXTOW2Wqp4ZFQlrH4eTP2
Static task
static1
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.0.7:4782
fbd75815-2656-4e50-bfe0-7da7eafe0a05
encryption_key: 6BD3C203B48FE6DD196781EC4A2D071085C47FBA
install_name: system32.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: system32
subdirectory: subdir
Targets
Target: slowpihax-cracked.exe
Quasar payload
Executes dropped EXE