General
-
Target
Patch Fix.exe
-
Size
1.0MB
-
Sample
240530-fmzctsfe21
-
MD5
0b44f548d340e9275d94971241bb8f7a
-
SHA1
f33be25f3f0e471e9e65613e0493cf1900b22422
-
SHA256
ae0e11a13ffa7d349b3fbd4e1966d25a5a339b164ed6cc87bbf8da76abde8866
-
SHA512
633629ea7a8a64dc00560bc3e1ed5de25ca234cdadabfcc83ac52e779464c72035111332c11162ddf2a971660c915b3e7eced02c132f07788cc5d46e73dfb577
-
SSDEEP
24576:aNxY7AJDq1S1pOefXNV8PYabTFSlPZFfk4:aNxvtXOefb8xleR7
Static task
static1
Behavioral task
behavioral1
Sample
Patch Fix.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
Patch Fix.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
quasar
1.3.0.0
Chrome
qassar23.ddns.net:1993
QSR_MUTEX_Uk4K1FeKx4DjEtnjXG
-
encryption_key
4rkb9eRfFISIy758S45s
-
install_name
Update service.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Chrome
-
subdirectory
microsofte
Targets
-
-
Target
Patch Fix.exe
-
Score
10/10
-
Quasar payload
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-