General
Target: 6ca670555f071e4114ae2bc4875432dc89d77c879ce2af068132023fc4485d08
Size: 3.1MB
Sample: 231226-c8qe9safhn
MD5: f4397d70e3c4c8f9db08dd279b063c6f
SHA1: 0afa3cf8c216507e71f7b0637838b7cc85300070
SHA256: 6ca670555f071e4114ae2bc4875432dc89d77c879ce2af068132023fc4485d08
SHA512: acf813dc92e7132b6f3018a294c050c2e98bd15d25c3cccaf73c6427789322ef6de1b67d43fcde497cd4aaea69ec9290e8eb683f7d2e1585bea752f65e40d0bc
SSDEEP: 49152:mvHI22SsaNYfdPBldt698dBcjH5cRJ6WbR3LoGdxTHHB72eh2NTC:mvo22SsaNYfdPBldt6+dBcjH5cRJ6Q
Behavioral task
behavioral1
Sample: 6ca670555f071e4114ae2bc4875432dc89d77c879ce2af068132023fc4485d08.exe
Resource: win7-20231215-en
Malware Config
Extracted
quasar
1.4.1
Office04
101.37.69.75:4782
2fbb1666-5749-4fe5-ab71-a6419768cd65
encryption_key: 1B75943E1426ACBA828FED22296C6D252DFAFCDB
install_name: Client.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Quasar Client Startup
subdirectory: SubDir
Targets
Target: 6ca670555f071e4114ae2bc4875432dc89d77c879ce2af068132023fc4485d08
Quasar payload