General
-
Target
HexAttacker aim assistFORT1.rar
-
Size
1.0MB
-
Sample
240329-zfm6rsaa28
-
MD5
7db3b1fdd6d1c3f73f2edb1b14cad14b
-
SHA1
23b7d35687898053ae29a7eb40e07c0e550837a6
-
SHA256
d99615a3aa26993fa6c56757eec3cd2c2b82c4eb3edf5c561fc4ea2d4545e05e
-
SHA512
cfe955813726a6963c0269dae71287eaebb3b3d8225c5f599b2b3ae3f043ac9ece9d6cabe877079c3193a9228c1f5feae64a153b188f12d41200ca66009cb3db
-
SSDEEP
24576:E6VIxUSOJNzYuo8VwtFrPghTo1VNS8AftBybwR8P+4S6N:v2UjbzYyVkiE/N3PbwKWBQ
Behavioral task
behavioral1
Sample
HexAttacker aim assistFORT1/HexAttacker aim assistFORT/HexAttacker aim assist.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
HexAttacker aim assistFORT1/HexAttacker aim assistFORT/install_requirements.bat
Resource
win10v2004-20240226-en
Malware Config
Extracted
quasar
1.4.1
da
192.168.1.221:4782
eb5d7b57-cea9-428d-b049-de1a39cabb31
-
encryption_key
549051CF8891BE12C122797CC5CBE23D6839FE43
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
Target
HexAttacker aim assistFORT1/HexAttacker aim assistFORT/HexAttacker aim assist.exe
-
Size
3.1MB
-
MD5
763354ddbec52a620da13b1127fea666
-
SHA1
bc12ddd5326cffbf5baa30b0d660541a0e6a6741
-
SHA256
6d6d21b36bffb7a0c3779f7029498478517a47b0be21a6eb42efe19892d89a34
-
SHA512
e947182420c9c1368bbd47593f71f15f935992a90978e291f970eaaf30f39269ccc98f4d9dfba4da05a4d452ea9b1aac2e4f682929c745da0ca7277aaa1b348b
-
SSDEEP
49152:WvyI22SsaNYfdPBldt698dBcjHn7RwSBxQjoGdhgTHHB72eh2NT:Wvf22SsaNYfdPBldt6+dBcjHdwV
-
Quasar payload
-
Executes dropped EXE
-
Target
HexAttacker aim assistFORT1/HexAttacker aim assistFORT/install_requirements.bat
-
Size
38B
-
MD5
4dcef1a00fab20e9bc78bf6604610423
-
SHA1
dd6713f82e6b5db2b228ff82df9c02f8cf66943a
-
SHA256
951f2e24c2a3f7ec40b2c8b12b984c72c1c98acc6489ec33d8f0f065ef877130
-
SHA512
3cc1cab42b3d3827298449976532da31468fcc2533769a51c96d3b1276b132daee2e2cd62f1c1bacae804786c44fb55f98f9b2de1ca9b124b2130bfa2f5a7cc6
-
Score
1/10