General

  • Target

    Client-built.exe

  • Size

    3.1MB

  • Sample

    240102-tzlt6aaadm

  • MD5

    1b0a7b84f74b1cc91b6c3c52d9169133

  • SHA1

    57b924be9901efc2222422d40775786d01db84a2

  • SHA256

    eae491131e56184f857b586eefcf940022099c2b43370aba69c566b86b143190

  • SHA512

    d66694f04529071ae5eb1b264ebc141a9088f870fc8fffa026586e0905edec4dc55ab92b85af6ac3bff109b41a7bd3e81e6e9a48dc2a362535630560d09314ef

  • SSDEEP

    49152:HvTlL26AaNeWgPhlmVqvMQ7XSKBQRJ6BbR3LoGdS6THHB72eh2NT:HvJL26AaNeWgPhlmVqkQ7XSKBQRJ6j

Score
10/10

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

children-electronic.at.ply.gg:13305:7777

Mutex

ac197ba4-eba1-43e4-a3ef-e2a5903a81a9

Attributes
  • encryption_key

    0BC8370E5864E2854B3417FA802F26CC98C5FD73

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir

Targets

    • Target

      Client-built.exe

    Score
    1/10
