General
Target: ce77c5f039801216f1bfc23b75cb23b4bd1e2f469bf2c404652f21e6b362832a
Size: 3.1MB
Sample: 231108-mt72wahh2x
MD5: 883ae1df90fc932ea299b3feabb704d5
SHA1: 81036168cd80ca1aa8405e8ca407b94d2edf8239
SHA256: ce77c5f039801216f1bfc23b75cb23b4bd1e2f469bf2c404652f21e6b362832a
SHA512: 52d60d278c292e5b5b70d3a78ffff10f297f01ed67bb61cfc779f0f9bd8bc2abfa475f8e8380a352198a2373646d20526d0705015a09709a3614479219e1ce00
SSDEEP: 49152:2vOI22SsaNYfdPBldt698dBcjHXjRJ6TbR3LoGd69THHB72eh2NT:2vj22SsaNYfdPBldt6+dBcjHXjRJ6F
Behavioral task
behavioral1
Sample: ce77c5f039801216f1bfc23b75cb23b4bd1e2f469bf2c404652f21e6b362832a.exe
Resource: win7-20231023-en
Malware Config
Extracted
quasar
1.4.1
Office04
154.9.253.177:4782
042704a9-d5ef-4f19-8977-836e363ce545
encryption_key: F316950DD7A20E38BC0F9A281A1D2DFF277BA603
install_name: Client.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Quasar Client Startup
subdirectory: SubDir
Targets
Target: ce77c5f039801216f1bfc23b75cb23b4bd1e2f469bf2c404652f21e6b362832a
Quasar payload
-