General
-
Target
42047a3bda7fa746b62f4140bde1202f1746940b61145ae3209907a5ea95dfbc
-
Size
3.1MB
-
Sample
240403-vg5pzsga72
-
MD5
3db30c01a9ac8f9db4eb52c97a6cc678
-
SHA1
f2e2bdafc4194e936e2ba74a35e6ea60e897e904
-
SHA256
42047a3bda7fa746b62f4140bde1202f1746940b61145ae3209907a5ea95dfbc
-
SHA512
5e59d4d18ee3b9f351393ddc03494f541048058eee04cb49ddf4a9e9043e397d50b6de15c9e3b2b1ea1cca597764d55453cdc1084caa1e7a0acb231ed6dbac8b
-
SSDEEP
49152:3vXI22SsaNYfdPBldt698dBcjHS4A/yBxLzoGd4tkTHHB72eh2NT:3vY22SsaNYfdPBldt6+dBcjHS/i
Behavioral task
behavioral1
Sample
42047a3bda7fa746b62f4140bde1202f1746940b61145ae3209907a5ea95dfbc.exe
Resource
win7-20240221-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.3.193:4782
9076803c-a117-4c71-972a-bb9646674dc5
-
encryption_key
B0F82119F08B50916F7F59840988B6B80D7EADC8
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
42047a3bda7fa746b62f4140bde1202f1746940b61145ae3209907a5ea95dfbc
-
Quasar payload
-
Executes dropped EXE
-
Drops file in System32 directory
-