General
Target: Account Gen.zip
Size: 1.2MB
Sample: 231115-s4pk6sda6x
MD5: 384b49426968c43151f6721e55f72cb3
SHA1: 6b40377a02117f66138cfdb6252e63507c639184
SHA256: 2662a59faf074abd357ae710b362fc15ac13afa8b028f82852c7ddbe634366cc
SHA512: 1fc03eae22f67ee2c3628e492d81a35c5a53b29c250b1ec14520ceaae1651e2df85302abb114148bfac286c9852e45bed7e66184fbe3e479b88f2cb8b1286456
SSDEEP: 24576:94+5wmhcnpEpAidGFuy9idk3EIg/oSw+mJFgtZMqg+HeRbYZy3PUQynL:94N8cnpEqidGFX986/gc+oevfg+HeR0p
Behavioral task
behavioral1
Sample: Account gen/AccountGenV2.exe
Resource: win7-20231023-en
Malware Config
Extracted
quasar
1.4.1
Office04
testrun.ddns.net:4782
fd9b8a19-128c-46b0-894c-d756c440e4ce
encryption_key: 1B16CA1138657AE4B0F5533A4344EDE1274EF9A6
install_name: Client.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Quasar Client Startup
subdirectory: SubDir
Targets
Target: Account gen/AccountGenV2.exe
Size: 3.1MB
MD5: b3d01e7505bc74ff5fe3407638da4242
SHA1: 6cc7bb4fc57fa861aaec61d472d3affa85293b26
SHA256: bfe73168debb53dae9f90c4b5dfbcf0508c83716a15cad7b634f868bbd0f6438
SHA512: 7c676bcfdb61e89a1cbd53bfd1fa3e1b208d272a67b2017c03f5c7e805cc030ddf6d18d75b701161eaacb565d51fd01b5722d9e90856ba88812a6bf83f247ec6
SSDEEP: 49152:CvXI22SsaNYfdPBldt698dBcjHHmDJERH+k/OgVoGd1NTHHB72eh2NT:CvY22SsaNYfdPBldt6+dBcjHHmDlOF
Quasar payload
Executes dropped EXE
Drops file in System32 directory