General
-
Target
nitro gen.sfx.exe
-
Size
1.4MB
-
Sample
240801-dxy4pszajp
-
MD5
463190548a0b924375fea732967d2dcf
-
SHA1
f4c69c752671f7466b9c60023ecbbb61dc264998
-
SHA256
bd0a7542a724d699799858acaf694cbfc2f281fa8bb0641698d23bdc5454dc38
-
SHA512
b1cad73fd8282b25045a762780cbcaa5a522e458dd86135be91d4f9a42240de0ffa883f951f5d32d184a7b7323b0fea939400d7c5d49a24d0c530ce65b59a0a2
-
SSDEEP
24576:xuDXTIGaPhEYzUzA0/0gqmW7NKGNHUJQ3UP4A4hJNuLMeqQVCJlT:kDjlabwz9Mm0UuW4RvwdqQ6T
Static task
static1
Behavioral task
behavioral1
Sample
nitro gen.sfx.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
nitro gen.sfx.exe
Resource
win10v2004-20240730-en
Malware Config
Extracted
quasar
1.4.1
Office04
fauhfuhfdrga-54679.portmap.host:54679
6ab6e759-61c1-415f-aa2e-b5aa5487acb9
-
encryption_key
EB75A1B85E642DFE711921DF85E99E6D4BC6CC19
-
install_name
nitro gen.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
windows Startup
-
subdirectory
SubDir
Targets
-
Quasar payload
-
Executes dropped EXE
-