General
-
Target
Client-built.exe
-
Size
3.1MB
-
Sample
240805-1hbfesyhmj
-
MD5
a3d554bcb1420600dffa1e4fdd30b37e
-
SHA1
aa7ce8ab77ca701a99068da68d599f49f76eb415
-
SHA256
0fe37fd3747fdfebe397d78a6de7e5f7838cbac3eafa6ff62e6abf31bd0d0d45
-
SHA512
3d8f42c38f5bcdc19b996aa2400d778ff7216fe3bca8c93dce5475431a8e64b956d760b1d0698b9e1ffc11e8870c9ad51de5cb6b7065c9781237b55e95ce6165
-
SSDEEP
98304:6r7chobIsoSp/yLmfYrHDk36Gu2+wCoZeoY:oMxHDk36Gu2+wCoZpY
Behavioral task
behavioral1
Sample
Client-built.exe
Resource
win7-20240708-en
Malware Config
Extracted
quasar
1.4.1
Office04
147.185.221.20:18563
147.185.221.20:9835
c2e1b18a-ce93-436d-ad8b-21bf89015e19
-
encryption_key
9E968F05BD874BA1BE086FD1774A027473823F49
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
Client-built.exe
-
Quasar payload
-