General
Target: ef7f08ba6d40fb6a41d518c42f5791bb2d9348468c51d6e0356836003503191e
Size: 3.1MB
Sample: 231226-c9sxsaahem
MD5: 7c42ef709161b7d40e6d056c9410ed07
SHA1: 6cb8a16d7371c242fdb063713a44a02a441a4849
SHA256: ef7f08ba6d40fb6a41d518c42f5791bb2d9348468c51d6e0356836003503191e
SHA512: 0ea7595a12baabb533e8e3bcba73989e6199a5f101e8f0c9f24c4396d2dfe292a62fb556be2d74c0c105cd377a0014989e990b86c0a6e203d097b96df4475b73
SSDEEP: 49152:fvGI22SsaNYfdPBldt698dBcjHQVRJ6tbR3LoGdSTHHB72eh2NT:fvL22SsaNYfdPBldt6+dBcjHQVRJ6/
Behavioral task
behavioral1
Sample: ef7f08ba6d40fb6a41d518c42f5791bb2d9348468c51d6e0356836003503191e.exe
Resource: win7-20231215-en
Malware Config
Extracted
quasar
1.4.1
Office04
101.37.69.75:4782
2fbb1666-5749-4fe5-ab71-a6419768cd65
encryption_key: 1B75943E1426ACBA828FED22296C6D252DFAFCDB
install_name: Client.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Quasar Client Startup
subdirectory: SubDir
Targets
Quasar payload