General
Target: solara.rar
Size: 1.0MB
Sample: 240802-3l6rvavfpj
MD5: 5afdd9d2f1e67b287dbee799bd03f656
SHA1: bd17315a831cb0a17d944d94757766e4128f748d
SHA256: 72e98b7008bc9306db84caf8577e00fa8edca0e2fdd473b234b490b16f87ae82
SHA512: fa108b397cffc4e608b7d4ad528804e6befc6c38359fea8f7020060033b221762f1f83c8b29da0885585f31a0827c0003f42f2bd4e954eaa88c817c52a809323
SSDEEP: 24576:o7GHERMwusiArUydQ4sS9DrqhbRhgqHAdpHtu0ZUyF:3kRszArRtsS9DrqbzmHtr1F
Behavioral task: behavioral1
Sample: solara.exe
Resource: win7-20240704-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.86.42:4782
eaedb9b3-efa3-4f4e-8bd1-e6323c15fea8
encryption_key: F7A22B1954257A2F04BA3A86C02C0AD9DCBB6415
install_name: NovaRecoil.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: REC
subdirectory: SubDir
Targets
Target: solara.exe
Size: 3.1MB
MD5: 1bdf6c7fda1c36dab1558b37aeb0d631
SHA1: 9f7dc44275ee93dd42a8bffba2fc905c5ea56c24
SHA256: b7871caa008e2b9b56b23b6d9623064e6f773b58e5508b41001d125e29d71956
SHA512: 52ddf7ee9b33cbd0fbd0f753cabb32763f2789a42abe995420f6a5d79aa9f841bb3707d088c29c5a9908f7e5c008f69e6f1971d36b2e0baedbe7ab2ac0cce0ce
SSDEEP: 49152:evkt62XlaSFNWPjljiFa2RoUYIJCH1JjLoGdskTHHB72eh2NT:ev462XlaSFNWPjljiFXRoUYIJCX
Quasar payload
Executes dropped EXE