General
-
Target
b52c82a883e375e6c9746970bebbcb650923640bf3064841fe9576dac002e794
-
Size
3.1MB
-
Sample
231103-fc382aeb83
-
MD5
c6cd40f9abe3e2f57c2d168a45619f3e
-
SHA1
7936b73c5553bc7240d7fa212fc53e781b256b9b
-
SHA256
b52c82a883e375e6c9746970bebbcb650923640bf3064841fe9576dac002e794
-
SHA512
f4e4a3c5e1a10a7bbde1d6d98711aa2b749f911e25985524ab87cc36f8187abfabec15358b6ba5423911b8b9f92542048890f2b8d4867d1d1ca52695f5affa85
-
SSDEEP
49152:zvTlL26AaNeWgPhlmVqvMQ7XSKYxOEMkTk/JxioGdNTHHB72eh2NT:zvJL26AaNeWgPhlmVqkQ7XSKYxKI
Behavioral task
behavioral1
Sample
b52c82a883e375e6c9746970bebbcb650923640bf3064841fe9576dac002e794.exe
Resource
win7-20231020-en
Malware Config
Extracted
quasar
1.4.1
Office04
johndoenut-37242.portmap.host:37242
05d65bcc-6c5f-460e-8d45-6684ae1bccaa
-
encryption_key
E344F0D25DB3F3E7A00CE18CF48552DBF8F97F5F
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
Quasar payload
-