General
Target: REFWREFWFERW.exe
Size: 3.1MB
Sample: 240817-bgk6ssyare
MD5: 48bcf3f7f7ed5211153d9a13b314953f
SHA1: 1e96a281f60635faa75716ffd3335d11c071a10c
SHA256: d899107c3850793a06f662ab3d72e8a264aad084d1de32fab0dcbde2f6aff825
SHA512: b5ea0313537a6a053d4016f64c0ffd4b8a2f3647bf07030442d34cefdcc04572d576e134a5ae95a2d3942e7da78d0aa281525d02d99d0351cae8dffe06c852a4
SSDEEP: 49152:PvTlL26AaNeWgPhlmVqvMQ7XSKOCS11J/moGdvTHHB72eh2NT:PvJL26AaNeWgPhlmVqkQ7XSKOCSI
Malware Config
Extracted
quasar
1.4.1
skibidi
147.185.221.21:5176
147.185.221.21:64088
48d7feae-7986-4f1b-9452-517641c90050
encryption_key: 0C9BBAEF09101D90892F662DEEC9776ED5994649
install_name: Client.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Quasar Client Startup
subdirectory: SubDir
Targets
Target: REFWREFWFERW.exe
Quasar payload