General
Target: Malware.bat
Size: 5.1MB
Sample: 240324-zxtpwabd2v
MD5: 9a7d8e4dd1ba4265ef75c22265b9fbb8
SHA1: fcd5b59e6ed52b1e2efeb3e68c7c4bc3f93945d5
SHA256: a155e28e5517fc85bf006ee991a1aab8f595a0aaeb05b0ee4fd38cdbc8f6ca52
SHA512: ee1c93dbb18f40e589b1914dd416dc0f96b9279b71e3f048eccaba5efad7430a72178fa87234ac70757099628c33a27f234ad7f3cd3854de3fd6d59c67d17fd6
SSDEEP: 24576:SpcksZhAsxYu9bEUt4Qa1CFQa5Z4tp5ljbjvGr2BBgfretKRxMp+hrQB0eJM2a8d:MSbESV0MFJnCjsYvVxxx
Static task: static1
Behavioral task: behavioral1
Sample: Malware.bat
Resource: win7-20240215-en
Malware Config
Extracted
quasar
1.4.1
Slave
140.238.91.110:36039
df49f69a-66a2-4b6e-bb60-18c12b5b14df
encryption_key: 6A1671418BB270D703D501AB8E9B41E8D413B6D3
install_name: Client.exe
log_directory: Win64ErrorLogs
reconnect_delay: 3000
startup_key: Windows Boot Menu
subdirectory: SubDir
Targets
Target: Malware.bat
Quasar payload
Executes dropped EXE