439e49a4df2f4bcc359283d02f612e98

General
Target

439e49a4df2f4bcc359283d02f612e98

Size

527KB

Sample

210624-tmff1at666

Score

10/10

MD5

439e49a4df2f4bcc359283d02f612e98

SHA1

bf6e8632bedeb80e72f664e2d4ca8b260a77115d

SHA256

a792be03af23fe52b708d22df6cadeb3374bb5500416a862eee57ea56db20fd5

SHA512

4d1fd328d45b67ce5a8acb91fe25cbc6e4b6bc252ef95e94cb43ae3264f83f77d0e66cff16fbe8b40a2ac063c8b95758dd6969001a1d56a7e4f96ca3a786c992

Malware Config

Extracted

Family: quasar
Version: 1.4.0
Botnet: Office04
C2: 45.77.20.114:1604

Attributes
encryption_key: 7E1D5BE8A11725FE11CAC5785F9684E24960D4AC
install_name: Media.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Media
subdirectory: SubDir

Targets
Target

439e49a4df2f4bcc359283d02f612e98

Signatures

  • Quasar Payload

  • Quasar RAT

    Description

    Quasar is an open source Remote Access Tool.

  • Executes dropped EXE

MITRE ATT&CK Matrix

  • Collection

  • Command and Control

  • Credential Access

  • Defense Evasion

  • Discovery

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Persistence

  • Privilege Escalation

Tasks

  • static1: 10/10

  • behavioral1: 10/10

  • behavioral2: 10/10