General
-
Target
213598e4af847a8b3a86a751c7bae705c0ec5efcc957be8e781b800af0e4c42a
-
Size
3.1MB
-
Sample
240407-kxz5bshg89
-
MD5
e6e5b0206d660d8d2b1f95489c47676c
-
SHA1
b759f8b5d05359bc76231c38fa9a9908833d80f0
-
SHA256
213598e4af847a8b3a86a751c7bae705c0ec5efcc957be8e781b800af0e4c42a
-
SHA512
ab9aed935c04cd7cf28b0cc99b4f6c3eeec98e6c87d02fc63901ef535ccaa2ee7c9e88245d77fdf6daff871c8c97cd80e387ec05fd5b9f893c72efee656957c6
-
SSDEEP
49152:uvbI22SsaNYfdPBldt698dBcjHtcHYmz61oGdJ41THHB72eh2NT:uvk22SsaNYfdPBldt6+dBcjHtcH6
Behavioral task
behavioral1
Sample
213598e4af847a8b3a86a751c7bae705c0ec5efcc957be8e781b800af0e4c42a.exe
Resource
win7-20240319-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.192.132:4782
676bf7d9-7be2-49c7-8dbc-e7aa151077ef
-
encryption_key
078128392C66507080448E997CEF10A11294A13A
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
213598e4af847a8b3a86a751c7bae705c0ec5efcc957be8e781b800af0e4c42a
-
Quasar payload
-