General
-
Target
429d98e4f83301b513eab17210d91579428ac61e976e0df744d155f7f27f46b0
-
Size
3.1MB
-
Sample
240801-ksk5lsscpq
-
MD5
2a93b7369d5bff945e137add755297dc
-
SHA1
a43b23f75685dd1033fcaf8a8611c0aeff7cb9c9
-
SHA256
429d98e4f83301b513eab17210d91579428ac61e976e0df744d155f7f27f46b0
-
SHA512
a3d0b5ce054f3765f4f074352aea11cad09689201b9759b0ef32f5e3063c3706bb9991ff8de63c172d43db97073f88f9259ef1cb6a1a25c194125c88e0b17a95
-
SSDEEP
49152:WvXI22SsaNYfdPBldt698dBcjHPFWbCE2CxpmIHLoGOfpTHHB72eh2NT:WvY22SsaNYfdPBldt6+dBcjHtWbCi
Behavioral task
behavioral1
Sample
429d98e4f83301b513eab17210d91579428ac61e976e0df744d155f7f27f46b0.exe
Resource
win7-20240708-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.8.195:4782
f569b663-adac-40e8-9ba7-aa60b6838dad
-
encryption_key
EB173B446A47D9C5ABC3CE2B7C417F5FCEC32402
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
429d98e4f83301b513eab17210d91579428ac61e976e0df744d155f7f27f46b0
-
Size
3.1MB
-
MD5
2a93b7369d5bff945e137add755297dc
-
SHA1
a43b23f75685dd1033fcaf8a8611c0aeff7cb9c9
-
SHA256
429d98e4f83301b513eab17210d91579428ac61e976e0df744d155f7f27f46b0
-
SHA512
a3d0b5ce054f3765f4f074352aea11cad09689201b9759b0ef32f5e3063c3706bb9991ff8de63c172d43db97073f88f9259ef1cb6a1a25c194125c88e0b17a95
-
SSDEEP
49152:WvXI22SsaNYfdPBldt698dBcjHPFWbCE2CxpmIHLoGOfpTHHB72eh2NT:WvY22SsaNYfdPBldt6+dBcjHtWbCi
-
Quasar payload
-