General
Target: Remover.bat
Size: 4.4MB
Sample: 230520-tq5kxafh6w
MD5: f3aa3ff4c657d03f217b05e3de5cfe0f
SHA1: f39fe9fecd327901aceb32d55979fb49300a907a
SHA256: 3c22aced502398a94ad0c44fbdb1eb78e96a500e39af497ff6c7a9f9c512ef25
SHA512: 99ef3dba1ccd41f4284a2026edd400acff7ec0fb13652e8da71a17417a2c7ed571a227559b3f7b5991f7aa79cd883d14cd6cf17582095633597ed826ffcdd637
SSDEEP: 24576:DuFAc9dtV23GygMMgqMPGBpQdLZF4VxNB6bu6T4Llm8H2fNjx/YNcQq3NON5BOze:ppgMlWQojUWxw94oa
Static task: static1
Behavioral task: behavioral1
Sample: Remover.bat
Resource: win7-20230220-en
Malware Config
Extracted
quasar
1.4.1
Slave
5.180.180.66:4782
28d5f0ab-9c9d-4762-9e41-3c5ccbfcffae
encryption_key: 5484AD7AC17743300FB1AC39869E7C36DF7762A0
install_name: MicrosoftEdge.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Edge
subdirectory: Edge
Targets
-
Quasar payload
-
Executes dropped EXE
-