General
-
Target
client.exe
-
Size
3.1MB
-
Sample
240317-c4tbcsch6v
-
MD5
e17bfe5bcf6c7d02d7390979ef14c56f
-
SHA1
4138484b1a87ee0c274c9caa44f59b519c2318b5
-
SHA256
c2357eacdf6eb12b6193620c41f16df0371b4b584c9a5b9284ecc49525b02714
-
SHA512
b8031016874a188ef398afc7143796bc3758d6ebdbafb157bb391c9a2e3d21905918276a6ef84317ff06cb5dd7ba569c156cc8da67fef8c6e46a949c1151cdd8
-
SSDEEP
49152:PvCI22SsaNYfdPBldt698dBcjHb9Sk1J/hoGdRcTHHB72eh2NT:PvP22SsaNYfdPBldt6+dBcjHb9S+
Behavioral task
behavioral1
Sample
client.exe
Resource
win7-20240221-en
Malware Config
Extracted
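Family
quasar
-
Version
1.4.1
-
Botnet (client tag)
imranRAT
-
C2
68.225.240.203:443
-
Mutex (label inferred; the page lists this value without one)
9dc62ac4-7471-4057-b5f1-212eabe56136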
-
encryption_key
D3B83A9986DADD4016C9CCF1608F57293E9C0E2B
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
2999
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
client.exe
-
Size
3.1MB
-
MD5
e17bfe5bcf6c7d02d7390979ef14c56f
-
SHA1
4138484b1a87ee0c274c9caa44f59b519c2318b5
-
SHA256
c2357eacdf6eb12b6193620c41f16df0371b4b584c9a5b9284ecc49525b02714
-
SHA512
b8031016874a188ef398afc7143796bc3758d6ebdbafb157bb391c9a2e3d21905918276a6ef84317ff06cb5dd7ba569c156cc8da67fef8c6e46a949c1151cdd8
-
SSDEEP
49152:PvCI22SsaNYfdPBldt698dBcjHb9Sk1J/hoGdRcTHHB72eh2NT:PvP22SsaNYfdPBldt6+dBcjHb9S+
-
Quasar payload
-