General
Target: 96f1a72749b4abe9f92e364dcd059dcb.exe
Size: 3.1MB
Sample: 240404-l17t1scf49
MD5: 96f1a72749b4abe9f92e364dcd059dcb
SHA1: 0480af36fc245942261e67428f4a8b8910d861fd
SHA256: 996e8d1afc74090b75f936ca57b1570de64dff0dbcdbffa411f9f6ed814fc43f
SHA512: 2386a5cebb41059293972879880142a087e18a1253c2d9c6b2eb28c5b1179410cf507a2dd6f3f166c99c1f780f15e6bcfbde228eac36616269158a04b9a06abe
SSDEEP: 49152:Cvkt62XlaSFNWPjljiFa2RoUYIbD0G2LoGdiPTHHB72eh2NT:Cv462XlaSFNWPjljiFXRoUYIbD0G4
Behavioral task
behavioral1
Sample: 96f1a72749b4abe9f92e364dcd059dcb.exe
Resource: win7-20240221-en
Malware Config
Extracted
quasar
1.4.1
Office04
45.88.186.209:4782
e70efcae-9ec5-4682-aa19-15651d4d8cc8
encryption_key: 4EF1547B5DB5058DCCEB6A60D48A54C35026D8D5
install_name: gfhgfgjgf.exe
log_directory: dfdfsf
reconnect_delay: 3000
startup_key: hgfhjjhgj
subdirectory: ghghghfg
Targets
-
-
Target
96f1a72749b4abe9f92e364dcd059dcb.exe
-
Quasar payload
-
Executes dropped EXE
-