General
-
Target
Client-built.exe
-
Size
3.1MB
-
Sample
240407-hte9msfe4y
-
MD5
ff5bd07dcdfb3bd5d8c65a29eb3ed8be
-
SHA1
10a1bec3916604a660a3bfe12cf94f452a6b97c3
-
SHA256
a020684317ac3536e304bd189a4885100a83951a9807b2d1b6bd1e7b42e354bc
-
SHA512
599f33164da41203ea08f94681e732980b62311698aacf6bbef96c9b5dfc1bec45c50135a299f7d6cc51e2721d20da5131cb46da76334de93788465517ccaacc
-
SSDEEP
49152:3vaI22SsaNYfdPBldt698dBcjHAqB9eW2iWfk/QsoGdH+THHB72eh2NT:3vX22SsaNYfdPBldt6+dBcjHfB9e+
Behavioral task
behavioral1
Sample
Client-built.exe
Resource
win7-20240221-en
Malware Config
Extracted
quasar
1.4.1
Office04
predictor.serveblog.net:4782
755f883f-4d58-4349-bc9e-f21c4e163b6f
-
encryption_key
EE65D8F2E429F4900E3A17963595716D863A2455
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
Client-built.exe
-
Quasar payload
-
Executes dropped EXE
-