General
Target: 88c614
Size: 10KB
Sample: 240424-nzy7lahe55
MD5: c9bc4f1003e2826fc337ee7bb4649e1a
SHA1: 3429338d02c8469874d7b89755d8abd0522d1aa2
SHA256: 0383ba1a5f400e3cdab2ab95650cf5110640b486d0fe9f840d332472db797255
SHA512: cf7630bf6653db032fddd33fa7934d5d9c05a132006861bb5ed53e4d3f5192ccd9ef0bd70fbc408bf7238db4df109ddafe7e144af999df817b7d545d97285bb9
SSDEEP: 192:SuW1+DWDbSLZLILxLWq7qLKeLtLgTLeLXL+LbLhYLhTFMGQoFnwAuVfUV/6fLvfw:SuW1+DWDbSt0V4eepkTKTC/NYN5MGtnh
Static task: static1
Behavioral task: behavioral1
Sample: 88c614.html
Resource: win10v2004-20240412-en
Behavioral task: behavioral2
Sample: 88c614.html
Resource: win11-20240412-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.174.1:4782
b7c44e7e-eda8-49c1-881f-dff3c8b1d0c9
encryption_key: CA9FF4F38A1F1118F7C85C31CA91417B492B6C09
install_name: Client.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Quasar Client Startup
subdirectory: SubDir
Targets
Target: 88c614
Quasar payload
Downloads MZ/PE file
Executes dropped EXE