General
-
Target
solara.exe
-
Size
3.1MB
-
Sample
240518-yys93adg52
-
MD5
9c9e1009cf33ab0f1652ccd8a5f845c1
-
SHA1
42d9282a9443175c4f64a7fce83fb39878aa6600
-
SHA256
85d92e5e062b2e847e0334ed5afef5e7ff708e87ba6f25e31be00a0570827b98
-
SHA512
89f3bd5700024260e82369e97c43a6a82a10bc5a7330f0b73dd3c53037e4aa8f9e535727feb58df2e8c54ec48ac9a397dadc49cf1f7cfeaffa00134714e80118
-
SSDEEP
49152:SvtI22SsaNYfdPBldt698dBcjHDPRJ6/bR3LoGdSTHHB72eh2NT:Svm22SsaNYfdPBldt6+dBcjHDPRJ6R
Behavioral task
behavioral1
Sample
solara.exe
Resource
win7-20240508-en
Malware Config
Extracted
quasar
1.4.1
consis
192.168.0.75:4783
7c58e842-ae6e-4f79-bca8-c40fc05002b5
-
encryption_key
3F4E1662FE86BE65EF2C4E1F0FEFAABC94765DDB
-
install_name
Sub-1.exe
-
log_directory
Logs
-
reconnect_delay
1500
-
startup_key
Quasar Client Startup
-
subdirectory
Windows
Targets
-
-
Target
solara.exe
-
Quasar payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-