General
-
Target
Client-built.exe
-
Size
3.1MB
-
Sample
240201-m6hbzsbfe8
-
MD5
934a355a48cf365aa6f4fcbd11b65527
-
SHA1
7c5b05c065abb33691edb9e146bfbb065f6a1201
-
SHA256
1693d7b6b73946493e5b1436fcea2f18907d1af7043116bd8b5490ac24d0adf0
-
SHA512
e1eed51a46fb0a8d65c4265f407d4f5c01abf78d9a10f01b2129d3ce731e01c0c72c3be55d21fa3f73fa4fe2b9b77de5d96ff23a51d38f8b9745431b8257e126
-
SSDEEP
49152:7v5hBYjCO4Dt2d5aKCuVPzlEmVQL0wvwkaYC31JlLoGdNsTHHB72eh2NT:7vht2d5aKCuVPzlEmVQ0wvwfYCV
Behavioral task
behavioral1
Sample
Client-built.exe
Resource
win7-20231129-en
Malware Config
Extracted
quasar
1.4.1
Update
101.177.227.103:4782
192.168.0.59:4782
5bd89e12-1843-46a3-8143-daf9d4c1057e
-
encryption_key
87489E2D5B0F0ED148EFB8C3A6EE104AB572BC56
-
install_name
Client.exe
-
log_directory
Anti-Malware Detection Config
-
reconnect_delay
5000
-
startup_key
Anti-Malware Process
-
subdirectory
SubDir
Targets
-
-
Target
Client-built.exe
-
Quasar payload
-
Executes dropped EXE
-
Drops file in System32 directory
-