General
Target: f54598770f770d815c9707dd33518eac.exe
Size: 3.1MB
Sample: 240320-k5k1daea8w
MD5: f54598770f770d815c9707dd33518eac
SHA1: 6acf4aaf1d74710ef92c0b99a4b263202fbefcb7
SHA256: 2cb1adb73eda0d1c2dc62f7bc312add25cfcc04017d3998e11513c4d02b1150e
SHA512: dc927e84c41121e43f281af15ede1dcce368f1f94e88b56c893a1dfda8aa412547fe5f77d46fcc6a9fc8842b860edf4b3a3c059919b460d0f8611035d9e42d36
SSDEEP: 49152:SvyI22SsaNYfdPBldt698dBcjHutbXPEhNvJJaoGdwjTHHB72eh2NT:Svf22SsaNYfdPBldt6+dBcjHZhg
Behavioral task
behavioral1
Sample: f54598770f770d815c9707dd33518eac.exe
Resource: win7-20240221-en
Malware Config
Extracted
quasar
1.4.1
Office01
www.exiles.site:14782
a0f587a6-d40f-499d-8e9e-b0831e1cb678
encryption_key: 49BF5A48970D914C7E70F494A8E16B5EFA3AB6A0
install_name: Client.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Quasar Client Startup
subdirectory: SubDir
Targets
Target: f54598770f770d815c9707dd33518eac.exe
Size: 3.1MB
Quasar payload
Executes dropped EXE