Resubmissions

15/10/2024, 18:43 UTC

241015-xcv14avdjn 10

15/10/2024, 00:19 UTC

241015-al9jhstelf 10

15/10/2024, 00:16 UTC

241015-akkh1atdpd 10

14/10/2024, 23:42 UTC

241014-3qeh6awdrq 10

14/10/2024, 23:27 UTC

241014-3fm3jswaqk 10

General

  • Target

    Client-built.exe

  • Size

    3.1MB

  • Sample

    241015-akkh1atdpd

  • MD5

    e35d832888fda0fd705386a4b94ecc49

  • SHA1

    86380c3eea496c7947c25c547748cfeed51c4de9

  • SHA256

    aa3170ce6b4bbd9960ac0ccd60f7d0b39cc0d28254bfe73545b540cbd8444b21

  • SHA512

    60d6aec705948474fa007dad26fdba9b92dcb1098aefb4eed2898af7b048729e4a3ee5af7e7b9ca9e555b97b54f6d97007dfc1531d0abb9e5da01b5911c5fd63

  • SSDEEP

    49152:Av4lL26AaNeWgPhlmVqvMQ7XSKNEREuY4oGdPwTHHB72eh2NT:AvQL26AaNeWgPhlmVqkQ7XSKmREuT

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

HomoThugger-36407.portmap.host:36407

Mutex

42d6f4c0-e8fc-473a-b92d-ded3fb29334a

Attributes
  • encryption_key

    3CDA48FEB25557C87485A9F37CDC861398BEA3C7

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir

Targets

    • Target

      Client-built.exe

    • Size

      3.1MB

    • MD5

      e35d832888fda0fd705386a4b94ecc49

    • SHA1

      86380c3eea496c7947c25c547748cfeed51c4de9

    • SHA256

      aa3170ce6b4bbd9960ac0ccd60f7d0b39cc0d28254bfe73545b540cbd8444b21

    • SHA512

      60d6aec705948474fa007dad26fdba9b92dcb1098aefb4eed2898af7b048729e4a3ee5af7e7b9ca9e555b97b54f6d97007dfc1531d0abb9e5da01b5911c5fd63

    • SSDEEP

      49152:Av4lL26AaNeWgPhlmVqvMQ7XSKNEREuY4oGdPwTHHB72eh2NT:AvQL26AaNeWgPhlmVqkQ7XSKmREuT

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.