General
-
Target
Client-built.exe
-
Size
3.1MB
-
Sample
240806-bga1tsyblf
-
MD5
eddcb90a0444e20a6e8861b993b53a82
-
SHA1
0b94501870f13dc509dadf75afc3b755f587c344
-
SHA256
22cedd370dd77c1712db4bb183ca9b1bc8bfef9a5b21aac647716d3a809ab625
-
SHA512
87e9843fc8e2e67127602e7709349f4556116bd0e958c44ca926d0f494f29d60c18dea2feaa364ef966418a42115166b7fd87da4371c5e439d3fa95f626de5a1
-
SSDEEP
49152:zuk67WAUifMSrU4jakNWJXk6OqBCdDI+2eTKqTHHB72eh2NT:zupWAbfMSrU4jakNWJXPOfXu
Behavioral task
behavioral1
Sample
Client-built.exe
Resource
win7-20240705-en
Malware Config
Extracted
quasar
1.4.1
Office04
147.185.221.20:18563
147.185.221.20:9835
c2e1b18a-ce93-436d-ad8b-21bf89015e19
-
encryption_key
9E968F05BD874BA1BE086FD1774A027473823F49
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
Client-built.exe
-
Size
3.1MB
-
MD5
eddcb90a0444e20a6e8861b993b53a82
-
SHA1
0b94501870f13dc509dadf75afc3b755f587c344
-
SHA256
22cedd370dd77c1712db4bb183ca9b1bc8bfef9a5b21aac647716d3a809ab625
-
SHA512
87e9843fc8e2e67127602e7709349f4556116bd0e958c44ca926d0f494f29d60c18dea2feaa364ef966418a42115166b7fd87da4371c5e439d3fa95f626de5a1
-
SSDEEP
49152:zuk67WAUifMSrU4jakNWJXk6OqBCdDI+2eTKqTHHB72eh2NT:zupWAbfMSrU4jakNWJXPOfXu
-
Quasar payload
-
Drops file in System32 directory
-