General
Target: Безымянный.png
Size: 1.1MB
Sample: 240406-t657daed3v
MD5: 18ca135c0ec02a47b5d277bdc6a1dfc9
SHA1: 551bb2c7ced9a1f04ea2320a563f2080b8b9e077
SHA256: 59e51279f23cf73db2e8e4e55eb16f1bde9f842c5369ae82385ea65eb652586a
SHA512: 800bcb95b6d3163bc096a57a000f2ea05c8fc35401cb7b19a1e1bfacb7d97d0ee9d3865d951fb4014853fbf6c234cf3f337f7bfa7fcbb534bd2cd0a975dcb43b
SSDEEP: 24576:8a/hs0AIsPqjBFaQLs5TOnufc4OUZLaFloPpJV4r6B/b:8Ys0AIsPSaGEOn4B+oPi4/b
Static task: static1
Behavioral task: behavioral1
Sample: Безымянный.png
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: Безымянный.png
Resource: win10v2004-20240226-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.1.95:4782
01205705-9d2f-4ac9-9e00-f9738734ac6e
encryption_key: 8861B5A765B7F7E51A1589A37DFCD6AD305CD11F
install_name: Client.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Startup
subdirectory: SubDir
Targets
Target: Безымянный.png
Size: 1.1MB
Quasar payload
Legitimate hosting services abused for malware hosting/C2