General
Target: Client-built.exe
Size: 3.1MB
Sample: 231110-zt81dsfe23
MD5: 1992767afc50163e0c5ef66cb05a9f14
SHA1: a00e43af026b6058369d29cf497dbd3108dd789f
SHA256: 3c08b6adfd684fc86f8c64ad4f35f3a147c0c0645b07af91d47ea7ce81ba916f
SHA512: 6efeec98e60c305f6ba65dc8d667dd0f2dca2c4c6e48dcb4707086199e3441721c2fba3b67d1b20c71b57a86dffd1fe128ba40829e4c355a4b47c34c1d8e8199
SSDEEP: 49152:mvbI22SsaNYfdPBldt698dBcjHneRJ6+bR3LoGdYHTHHB72eh2NT:mvk22SsaNYfdPBldt6+dBcjHneRJ64I
Behavioral task
behavioral1
Sample
Client-built.exe
Resource
win10-20231023-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.56.1:4782
d74bf3cc-bcf0-4f2a-86d2-a4d1d926f75a
encryption_key: BB9FA528165DE06A3659B03C0FCD271E2752BA2D
install_name: Client.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Quasar Client Startup
subdirectory: SubDir
Targets
Quasar payload