General
-
Target
Bootstrapper.rar
-
Size
1.0MB
-
Sample
240806-t9m5zathkl
-
MD5
d9fa5de22e42d5e461b364ea96726a8f
-
SHA1
ac92043326fec3571c9aac956006eed801a6e999
-
SHA256
4d1a67cbb466e224e63bb648963c0de048b9fc9af98555a53b663e5e5f3b4695
-
SHA512
9b851963034d6eac74e3ddd32dd7649649dde0e90a603ac2abb4b67d6445e002d140a7a0667cc3a7f3ac75c070683846e1749d70c54a1b9a36683b8dabf69942
-
SSDEEP
24576:yF7IDE/sWubWgSC211TB3hJ1bWzTgEC6YRlbVFP704XC7J879x:y5XubWgSC+BBwz0EsbrwUqJ877
Static task
static1
Malware Config
Extracted
quasar
1.4.1
Office04
wefdwef-34180.portmap.host:34180
c4be1726-3f86-4f80-bc7c-0779b06ffeeb
-
encryption_key
97BF1FDCF446A7218FA05296FD8D8F0C41A6B1E7
-
install_name
Bootstrapper.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Spotify
-
subdirectory
system32
Targets
-
-
Target
Bootstrapper.rar
-
Size
1.0MB
-
MD5
d9fa5de22e42d5e461b364ea96726a8f
-
SHA1
ac92043326fec3571c9aac956006eed801a6e999
-
SHA256
4d1a67cbb466e224e63bb648963c0de048b9fc9af98555a53b663e5e5f3b4695
-
SHA512
9b851963034d6eac74e3ddd32dd7649649dde0e90a603ac2abb4b67d6445e002d140a7a0667cc3a7f3ac75c070683846e1749d70c54a1b9a36683b8dabf69942
-
SSDEEP
24576:yF7IDE/sWubWgSC211TB3hJ1bWzTgEC6YRlbVFP704XC7J879x:y5XubWgSC+BBwz0EsbrwUqJ877
-
Quasar payload
-
Executes dropped EXE
-