General

  • Target

    Client-built.bat

  • Size

    1.8MB

  • Sample

    240419-wgdf6sca5z

  • MD5

    3fbd3f63effc0d1dd71a439393b293ae

  • SHA1

    0bed7df8938d18495a061133da4fe731b947de14

  • SHA256

    f07acfcbf476dab38e3790a6208dc4216bab8c8ae19c3ec6529f70f84f3e9165

  • SHA512

    ab18b2c93d6c0650fb105d05cc69f778f1c98f13b278ff327e6e3e70beae83965e6ace66d78a1d526c99216f5aeb509a4eb158a809bac2a219c675447d99235f

  • SSDEEP

    24576:mIb2faqtKK426nqfX3K/rBSfl4ohNtxFMB5kMIDJ0opfGNq80wC1XoN7d:m02H6w/NF+uBwC1Xu7d

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

127.0.0.1:4782

Mutex

b5ebc587-c8dc-4d34-91e9-41d81af9bf2b

Attributes
  • encryption_key

    3E64BD0F3C2CB6D39F080AD73274220030417C14

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir

