General

  • Target

    Client-built.exe

  • Size

    3.1MB

  • Sample

    231110-zt81dsfe23

  • MD5

    1992767afc50163e0c5ef66cb05a9f14

  • SHA1

    a00e43af026b6058369d29cf497dbd3108dd789f

  • SHA256

    3c08b6adfd684fc86f8c64ad4f35f3a147c0c0645b07af91d47ea7ce81ba916f

  • SHA512

    6efeec98e60c305f6ba65dc8d667dd0f2dca2c4c6e48dcb4707086199e3441721c2fba3b67d1b20c71b57a86dffd1fe128ba40829e4c355a4b47c34c1d8e8199

  • SSDEEP

    49152:mvbI22SsaNYfdPBldt698dBcjHneRJ6+bR3LoGdYHTHHB72eh2NT:mvk22SsaNYfdPBldt6+dBcjHneRJ64I

Malware Config

Extracted

  • Family

    quasar

  • Version

    1.4.1

  • Botnet

    Office04

  • C2

    192.168.56.1:4782

  • Mutex

    d74bf3cc-bcf0-4f2a-86d2-a4d1d926f75a

Attributes
  • encryption_key

    BB9FA528165DE06A3659B03C0FCD271E2752BA2D

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir
