General
-
Target
439e49a4df2f4bcc359283d02f612e98
-
Size
527KB
-
Sample
210624-tmff1at666
-
MD5
439e49a4df2f4bcc359283d02f612e98
-
SHA1
bf6e8632bedeb80e72f664e2d4ca8b260a77115d
-
SHA256
a792be03af23fe52b708d22df6cadeb3374bb5500416a862eee57ea56db20fd5
-
SHA512
4d1fd328d45b67ce5a8acb91fe25cbc6e4b6bc252ef95e94cb43ae3264f83f77d0e66cff16fbe8b40a2ac063c8b95758dd6969001a1d56a7e4f96ca3a786c992
Behavioral task
behavioral1
Sample
439e49a4df2f4bcc359283d02f612e98.exe
Resource
win7v20210410
Malware Config
Extracted
quasar
1.4.0
Office04
45.77.20.114:1604
-
encryption_key
7E1D5BE8A11725FE11CAC5785F9684E24960D4AC
-
install_name
Media.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Media
-
subdirectory
SubDir
Targets
-
-
Target
439e49a4df2f4bcc359283d02f612e98
-
Quasar Payload
-
Executes dropped EXE
-
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Scheduled Task 1
Privilege Escalation