General
-
Target
klarcrack.exe
-
Size
3.1MB
-
Sample
240403-233k3sff4x
-
MD5
137131a8d5de17ad363c8a16317caafc
-
SHA1
9067bcca3e183b3d5bec4da114eff1de764843d6
-
SHA256
693e126484497a348bdedf9eda9263a68fb19b92c7449ccec419274d7ee61394
-
SHA512
8ccf84deb0372f5a834d988887dcd9acbefa8fefa4ffdb225eafb50827ff1db8bb5c98074b2d4c2d188761303634c22064a87cb8ebf781ed535ad39c14767285
-
SSDEEP
49152:Pvkt62XlaSFNWPjljiFa2RoUYISdQebRRaLoGduTHHB72eh2NT:Pv462XlaSFNWPjljiFXRoUYISdQwE
Behavioral task
behavioral1
Sample
klarcrack.exe
Resource
win7-20240221-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.214.1:4782
d611c55c-eed6-46f5-b41f-31ded400b5b1
-
encryption_key
80385BA8C17CE50152104E573DF78F0BE61B58AA
-
install_name
Klar.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
34534683576
-
subdirectory
SubDir
Targets
-
-
Target
klarcrack.exe
-
Quasar payload
-
Executes dropped EXE
-