General

  • Target

    Client-built.exe

  • Size

    3.1MB

  • Sample

    240805-1hbfesyhmj

  • MD5

    a3d554bcb1420600dffa1e4fdd30b37e

  • SHA1

    aa7ce8ab77ca701a99068da68d599f49f76eb415

  • SHA256

    0fe37fd3747fdfebe397d78a6de7e5f7838cbac3eafa6ff62e6abf31bd0d0d45

  • SHA512

    3d8f42c38f5bcdc19b996aa2400d778ff7216fe3bca8c93dce5475431a8e64b956d760b1d0698b9e1ffc11e8870c9ad51de5cb6b7065c9781237b55e95ce6165

  • SSDEEP

    98304:6r7chobIsoSp/yLmfYrHDk36Gu2+wCoZeoY:oMxHDk36Gu2+wCoZpY

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

147.185.221.20:18563

147.185.221.20:9835

Mutex

c2e1b18a-ce93-436d-ad8b-21bf89015e19

Attributes
  • encryption_key

    9E968F05BD874BA1BE086FD1774A027473823F49

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir

Targets

    • Target

      Client-built.exe

    • Size

      3.1MB

    • MD5

      a3d554bcb1420600dffa1e4fdd30b37e

    • SHA1

      aa7ce8ab77ca701a99068da68d599f49f76eb415

    • SHA256

      0fe37fd3747fdfebe397d78a6de7e5f7838cbac3eafa6ff62e6abf31bd0d0d45

    • SHA512

      3d8f42c38f5bcdc19b996aa2400d778ff7216fe3bca8c93dce5475431a8e64b956d760b1d0698b9e1ffc11e8870c9ad51de5cb6b7065c9781237b55e95ce6165

    • SSDEEP

      98304:6r7chobIsoSp/yLmfYrHDk36Gu2+wCoZeoY:oMxHDk36Gu2+wCoZpY

MITRE ATT&CK Enterprise v15

Tasks