Overview
overview
Score: 10/10
Static
static
Score: 10/10
General
-
Target
4b81e2314fdc8f614dce93135b5fa1d7aa76349b7aab5110afc250c42d49b341
-
Size
85.4MB
-
Sample
240817-2enf9a1bph
-
MD5
896d320133e8e4f2a26d1e40107c998e
-
SHA1
ceae2fc2d9f90ab185ecdb23fa2cfb25be1e856f
-
SHA256
4b81e2314fdc8f614dce93135b5fa1d7aa76349b7aab5110afc250c42d49b341
-
SHA512
bb4fc5c4e88e23b45db6ed5f07eae55de05f14670221ba4425545e30f8bde655165cf2e03ac6b5d59f67faa82a95cf20c4d8f2dc68a5a67a8be4809b291cfae5
-
SSDEEP
1572864:lkQKJXn4toEMutTr0/M3wCyoq0JTsfGh9MG/lH5gyA3lAKhQBbZtBs/+sZJ4I:Cz3/bkRAQgfGh9MG/lH5gfPUbxts9
Behavioral task
behavioral1
Sample
Licenses/BouncyCastle_license.html
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
Licenses/BouncyCastle_license.html
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
Plugins/PlugFileManager/Messages/FileManagerHandler.js
Resource
win7-20240708-en
Behavioral task
behavioral4
Sample
Plugins/PlugFileManager/Messages/FileManagerHandler.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
Plugins/PlugFileManager/Networking/Client.js
Resource
win7-20240704-en
Behavioral task
behavioral6
Sample
Plugins/PlugFileManager/Networking/Client.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
Plugins/PlugFileManager/Networking/QuasarClient.js
Resource
win7-20240705-en
Behavioral task
behavioral8
Sample
Plugins/PlugFileManager/Networking/QuasarClient.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
Plugins/PlugFileManager/Packet.js
Resource
win7-20240729-en
Behavioral task
behavioral10
Sample
Plugins/PlugFileManager/Packet.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
Plugins/PlugFileManager/Plugin.js
Resource
win7-20240705-en
Behavioral task
behavioral12
Sample
Plugins/PlugFileManager/Plugin.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
Plugins/PlugFileManager/obj/Debug/PlugFileManager.dll
Resource
win7-20240704-en
Behavioral task
behavioral14
Sample
Plugins/PlugFileManager/obj/Debug/PlugFileManager.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
Plugins/PlugFileManager/obj/Release/PlugFileManager.dll
Resource
win7-20240708-en
Behavioral task
behavioral16
Sample
Plugins/PlugFileManager/obj/Release/PlugFileManager.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
Plugins/PlugRecovery/Helpers/AntiAnalysis.js
Resource
win7-20240704-en
Behavioral task
behavioral18
Sample
Plugins/PlugRecovery/Helpers/AntiAnalysis.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
Plugins/PlugRecovery/Helpers/Banking.js
Resource
win7-20240708-en
Behavioral task
behavioral20
Sample
Plugins/PlugRecovery/Helpers/Banking.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
Plugins/PlugRecovery/Helpers/Filemanager.js
Resource
win7-20240729-en
Behavioral task
behavioral22
Sample
Plugins/PlugRecovery/Helpers/Filemanager.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
Plugins/PlugRecovery/Helpers/Logging.js
Resource
win7-20240708-en
Behavioral task
behavioral24
Sample
Plugins/PlugRecovery/Helpers/Logging.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
Plugins/PlugRecovery/Helpers/Paths.js
Resource
win7-20240704-en
Behavioral task
behavioral26
Sample
Plugins/PlugRecovery/Helpers/Paths.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
Plugins/PlugRecovery/Helpers/Report.js
Resource
win7-20240708-en
Behavioral task
behavioral28
Sample
Plugins/PlugRecovery/Helpers/Report.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
Plugins/PlugRecovery/Helpers/SQLite.js
Resource
win7-20240708-en
Behavioral task
behavioral30
Sample
Plugins/PlugRecovery/Helpers/SQLite.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
Plugins/PlugRecovery/Helpers/SqlReader.js
Resource
win7-20240705-en
Behavioral task
behavioral32
Sample
Plugins/PlugRecovery/Helpers/SqlReader.js
Resource
win10v2004-20240802-en
Malware Config
Extracted
Family: quasar
-
reconnect_delay: 5000
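Targets
Note: the behavioral tasks above list the plugin source files with a .js extension, while the target entries below list the same paths with .cs. Match on the hashes below rather than on file names.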
-
-
Target
Licenses/BouncyCastle_license.html
-
Size
1KB
-
MD5
56262735cf803b259d4ac97d8738194e
-
SHA1
fe1bdb0ebab0633fd8e1f08751b9d76dbb7176b1
-
SHA256
87c0b1f542d06c2b393aa8b459ccf96b9bd736c74b3aaf5987c91fcec844efef
-
SHA512
7a9c5ddfdffc0ef42a609661858db80e568029fb6c226fec3d1e18ed87995a2f6e311d3bc3df2ca6e411d64a88990cb225c8574c9e73ba796915c7eb14c54520
Score: 3/10
-
-
Target
Plugins/PlugFileManager/Messages/FileManagerHandler.cs
-
Size
17KB
-
MD5
1694fc89dbd6af1aa568ba64d2da1704
-
SHA1
2cc97f2a26828fae2c1769fc34408e818320b93a
-
SHA256
eebf1e1c82010200e214f9498358e94d793b2ef41ba49bb7c1b9fac0b7608f43
-
SHA512
968c47088eb195c34802aec783d6261e855f01793c7cc40fcab3d43c76264c0d4119ee3df625be6257fbbab896ae61f713adc62fe646d0f8a454ec88fa7c5507
-
SSDEEP
192:68pOnvjfufbguIGZXVBbSYFbIEXmLDa5Z7oNIgdQj6y1qTgikp5Pf9kUt2U3:PUDspIUXuLDa5Z4dQAs92O
Score: 3/10
-
-
Target
Plugins/PlugFileManager/Networking/Client.cs
-
Size
22KB
-
MD5
7493bc4d8e7c79c705e43aec73248682
-
SHA1
a41cc214b85d9d1392520bf2fec3d62261f0adfb
-
SHA256
9615b8e6b99a3321800869e8b5d88de5eee44e7892bf8c1f8f72555234876da1
-
SHA512
51bac315cceb1da934751fa321acdac8a0df1b17e55db8e305e191b98993b0d961eb241da805a3e453233b45ccafe85f57829b00bb99d329bccc99a23f0c3d78
-
SSDEEP
192:3hUGnaVC7qiXIPdp2n5Wf1ENo7Y6MhQX6Np0fu0he1WlHib:RHaliXIPdAnKENo7Z4Qa0fuF1WlH2
Score: 3/10
-
-
Target
Plugins/PlugFileManager/Networking/QuasarClient.cs
-
Size
4KB
-
MD5
8dc62088dbf6656cc99667e4a23d9656
-
SHA1
cecb92563fd8eb05ed9dc68ed0b70f4693509b4b
-
SHA256
9730079cd7b6c9bad95543ac2cca4042618a93eb80698b8f648760d7a728b6fc
-
SHA512
3944b944fcdf5565c68bcbb1e012ffdab7e7b88372e2359fe780366e262332a66e00ced73589b11dc63fa109b06eb6b2a292a8cc8b3979b175e902df5d82838b
-
SSDEEP
96:goOMVnM/KcKhCWmUP7DAJnLcadYoNb3kX2xK:hnOjm7DAaayYb5K
Score: 3/10
-
-
Target
Plugins/PlugFileManager/Packet.cs
-
Size
3KB
-
MD5
d6e9387a15877a087869ad9d9be8d79c
-
SHA1
9917d5e10602731b846cc783d81bfc86c4ee6032
-
SHA256
00abeeb33645cbd1f51a1d511ea4d6a886f760b3ae6176778e036ccb4a53bdc6
-
SHA512
8d9ef7edb68182342827129a08fe4dc1fe7b3242a8c18d275777c7c82fc710a0086116d0f03e821e111e5306cb7b3f8c17d5214eaba5ebc973382ac3ad090c8f
Score: 3/10
-
-
Target
Plugins/PlugFileManager/Plugin.cs
-
Size
1KB
-
MD5
9fadc4ad0537d3330249c43d95aeccc4
-
SHA1
749e9410f36f73962e5146d153e41f9a5b87d633
-
SHA256
97f7bada92bc7442c702496a3b76ef11468e4c95e23a2c968b91b865485920d5
-
SHA512
b19de130bd072eec63ca0008081425a155a6697c809db9fa44bfd8efb9491dc89ccdf9b6e467bf750f067882fa8aa768e4f33037156b50ea0268cf5cd657e1b1
Score: 3/10
-
-
Target
Plugins/PlugFileManager/obj/Debug/PlugFileManager.dll
-
Size
24KB
-
MD5
1ecd5831321eb6f0362837b42e3ed765
-
SHA1
2a1dc1172d9bc7ac4a919642b63c8b3cd06d8eb9
-
SHA256
12dce25af68aa1b3a368f9a6a140f4c291b9e5af279cbadd4b515bbdda575c80
-
SHA512
395e318ca5b4c1834bcedf3e4da00b8f1bd8897af08dc5bcfc053a1be986377b78efe5f4df2cfed94f9c348d0d472feb608e0d87582e3f5a91eda44a825169ab
-
SSDEEP
384:Bk6AgER+YyKcmmpv+tedumZVjHcKxnv1Mw4Ylmz3y2L6G9lCcdc/HFNhO/0M0+hs:XE8Yr7mAtedumZV7niYlm3isl0vU2
Score: 1/10
-
-
Target
Plugins/PlugFileManager/obj/Release/PlugFileManager.dll
-
Size
23KB
-
MD5
cd70c898403f2ec91cbb3aa2a0d188f5
-
SHA1
cb579a3b010ccc28f5533acda93d2cc02a4aff69
-
SHA256
3fef461c11c9db65474647225d5c4344021a3b3428642fe91b780731388d5d5e
-
SHA512
eb27313698c24853e4297f473a2219f4ba6b03add76260d5b4dd6c7a457c3ae70ce0cf47fc834204759b922387bcdd56cf1c111d9fb6de0433f806fedba53514
-
SSDEEP
384:mMEhYSa/qKfdQA72FSmKduZbkbNgVBoLhJlvcdl/DIrNUQ70MWmE9:mMEh/iRfdT7oSFgVBoLl9+vB
Score: 1/10
-
-
Target
Plugins/PlugRecovery/Helpers/AntiAnalysis.cs
-
Size
5KB
-
MD5
3c59e069a57ba5f3424ded01d3deeac1
-
SHA1
8311b1c3969500afb3e68acffd1ad83b37598744
-
SHA256
bc8fded8cfc0eafbe4c7ca1f511584ea46ada7a4b200c1de9473dc4d35acb6d6
-
SHA512
1200e0603fac24fdf1d5de986f4c48bb2d603397978430dbecaf42176dea0b29d9e35f87f28c82f788638dee4db46e57cc50544e23df1a99a4c70253be2451a9
-
SSDEEP
96:JjN26W8MVvMtco3pULQR+VZt5VceagJgdIbHERRSU09xm2toEbD:W/Eio3pUER+vieX8RSU03mIoEf
Score: 3/10
-
-
Target
Plugins/PlugRecovery/Helpers/Banking.cs
-
Size
5KB
-
MD5
0a9fb73925674332f529a5c00e0d9011
-
SHA1
290dec1b0347f8cd8ea9861ef23d9f7fcfc4e0ef
-
SHA256
45fc8be0ff32b7637e5d82cb1d8f7658330612e03b5b064f4be57e06848191c8
-
SHA512
35da9e079dd88c503602dc8c70da69d251e3a8b1c1e399d117b320b0f220922321c5d2de8ce45d77ae6ead811d8288cb7398c130f2314c7b666863dde01f99a2
-
SSDEEP
96:Jj4YePIocToM0VZAMc/aEoJlZOEYBjLWfsev4yXd1y18ByPzNR0Ub:iWxKc/ZQlZNYBLWUQXdM18QPzNR0Ub
Score: 3/10
-
-
Target
Plugins/PlugRecovery/Helpers/Filemanager.cs
-
Size
2KB
-
MD5
a44095339b21a375d40086beb445de66
-
SHA1
8f29dad644d26e00260b5b4a542c47e320766e90
-
SHA256
487f389cd70c20028d68a4875cd2c666e60741013415e9563552090a19bf44f9
-
SHA512
e398e05941e2b63abfc0d2dcefe834449a8732e5840e9906e3fc41b79f3aea81234aae02b1da0e37ad42bf1caf2c77820a56aae1d0c759e22b9affbb71071859
Score: 3/10
-
-
Target
Plugins/PlugRecovery/Helpers/Logging.cs
-
Size
901B
-
MD5
ce836eee5f83b5dabd4310a1998688b8
-
SHA1
07648085542cd87826d0238e52e4cdbe135ecfd2
-
SHA256
dfedbfd8b73cf9a80d3b5361328a729a32c210826195c9c0c103b5e1db6d966b
-
SHA512
a47766a8d8fcc89843e3bd9d2fee1178d5a9975f04d11a704c2ba5845bd8ca0db927d0a592ae408d57a204e4bdbc0d131ada1fa2f82513d7294360f21608edfe
Score: 3/10
-
-
Target
Plugins/PlugRecovery/Helpers/Paths.cs
-
Size
10KB
-
MD5
4e5f743f5c2667daa01fc94bd6d04fa2
-
SHA1
2b831e6b74bc79d55151da21518a0bc4dbfd65b5
-
SHA256
054c8b72dfee0c680a11bd43db783c8d337b5fcdcb1aa6a679c9c90697e7eaa4
-
SHA512
0efcc47a9c33aca2ccc351e30a4e57025579049f25c2433f7208c5049ecc74f6a088ffb29101c5fd3b72ae4774881caf5076903ab180d071de8993bd6993e10a
-
SSDEEP
192:9qPOnllcHvMf6Tkg6Vxg9J/U+oRi8MRKWQUXQ+4Mb:sBkypcWH/UK8MRBP4+
Score: 3/10
-
-
Target
Plugins/PlugRecovery/Helpers/Report.cs
-
Size
7KB
-
MD5
3f8fe700ea60886e0ad41c5b93f8d971
-
SHA1
2c233c27b0e5a5cbc16e5c39f920550be52edc2b
-
SHA256
db66be87ac9ef5904d6c9c7e7681db589dcf706959cebc00132a2704e4141652
-
SHA512
dfe8d22ce91976c7d9a2e9f04a515ac0a5bf4c381618a1ae9d83186fd0a6393a6c5d8ac15425053e03ec574f88f025d3eb9f47c206eb2fb91373c600c2bfe4dd
-
SSDEEP
192:i2ki3KMO+pOy5SOTOPOkEOcOqOcOU3OhOlOFO8dOz6O3O7OBOROHO91MRUOAOHI4:i2PktMKWkdV/V7sQw8IzPeSMcu9qPRGS
Score: 3/10
-
-
Target
Plugins/PlugRecovery/Helpers/SQLite.cs
-
Size
18KB
-
MD5
97b223061e95ffe5089da1a687026d84
-
SHA1
1884de3b0d5eb9cfa32f8569db3762389b1c5889
-
SHA256
fcb788540955e0dafdaae6b22fb811d535c21996c9f9a404c352d565b7ff249c
-
SHA512
49eaeb9021a7c8a25b1676d763ee54d61e6fc2abfadafc99ebf20e0004565aeeff35f73528ce49dd3944849166fb29c98d5e4c1238d69bdf0723b999d52837f4
-
SSDEEP
384:iAN9AA8zm8Ab8xAIYWl9dX6OwdlFq1FYYFRN0mTZRH3:iAN9AA8zm8Ab8xAIYWl9dX6OwdfqPYon
Score: 3/10
-
-
Target
Plugins/PlugRecovery/Helpers/SqlReader.cs
-
Size
776B
-
MD5
2ec892a22f5b716be7aa5faf4d896e3f
-
SHA1
5f5f75e9d28e0beeccfcd350101f50d7898108d7
-
SHA256
0d357e56aab508d67a758db2586f4c2f3fa0e466724e364ae4c90dace563c985
-
SHA512
4151673f0ad6857b177cc6f0a634d2c04383bda194c16e4c07938630e13c20df5642e5fe82f443c6ad6ddde272efbf34561660a5e183ee11ea97eee23ce6b22e
Score: 3/10