General

Target: Client-built.exe
Size: 3.1MB
Sample: 240423-3medzsch3y
MD5: 3bced6ac1c801a8e7cc5ceda7d5c35c8
SHA1: 723c904a457d8ec456abf529f22b66e52750de99
SHA256: 95c14dce137abdab31b303d3cacf6dcd6921965770b98efecd2764a8dd01987e
SHA512: f6a4c02823ad51b9b02af3088d79d8ff0b4ad50bcd53bb76d32fb3309fedf4c7c6db88eeccccea73f5ec7ffc4eeb061455b39535c3e966843fd5b462d8fccdc9
SSDEEP: 49152:avvI22SsaNYfdPBldt698dBcjHK4GqBejwo2daDITHHB72eh2NT:avg22SsaNYfdPBldt6+dBcjHtGC

Behavioral task

behavioral1
Sample: Client-built.exe
Resource: win7-20240221-en

Malware Config

Extracted
quasar
1.4.1
Office04
192.168.1.154:4782
fc77cfe1-d80b-48cb-9d89-f3ae226a2e4f
encryption_key: A27F98046AFCBDB83B88F9A80F76106C932ED471
install_name: Client.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Quasar Client Startup
subdirectory: SubDir

Targets

Target: Client-built.exe
Quasar payload
Executes dropped EXE