General
-
Target
SRCkey.exe
-
Size
3.1MB
-
Sample
240730-wdak4svfne
-
MD5
d0fa55b027cf3268483208bc5087bf14
-
SHA1
758d9396522e8458159bb7b5186340caf767f691
-
SHA256
c1fba0fc260e24b6f42a72d8725aac400465890e5ee1a422cd567229ec1609bc
-
SHA512
418ae9524de8f7326fe77c2664f1cdf2f807c0a50fe6e2619cc32fb863eff08a1b3ec26c029f1e319f540e9074380e8ca2dc9fb3f65e0cb2d26947037967f48b
-
SSDEEP
49152:PvyI22SsaNYfdPBldt698dBcjHkrRJ6VbR3LoGdGTHHB72eh2NT:Pvf22SsaNYfdPBldt6+dBcjHkrRJ6n
Behavioral task
behavioral1
Sample
SRCkey.exe
Resource
win10v2004-20240730-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.8.180:4782
b532486b-fe2e-45a2-ac9b-42f784c55957
-
encryption_key
33E00C0591CE60DF8D1A4C8EBCF120A2AD5D348C
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Microsoft defender
-
subdirectory
SubDir
Targets
-
-
Target
SRCkey.exe
-
Quasar payload
-
Executes dropped EXE
-