General
-
Target
7ee3f710d6ca8b838ce11eafbde7e353e364f4ef8673b1286f8cac8e6d2593b8.exe
-
Size
5.5MB
-
Sample
241127-wt21astrhw
-
MD5
3584fb274935562be16e0acd8481e5e4
-
SHA1
d50373fba98e34ef9edb68750c79cbf6ee860e84
-
SHA256
7ee3f710d6ca8b838ce11eafbde7e353e364f4ef8673b1286f8cac8e6d2593b8
-
SHA512
58e8d7612b533f1bdfc51b58d7e10207a74902a77e9182e3963b04e698315b0b76b95a37ef4266ea60ecf50752b56f9b86288421e5428ac170248a5f8ef8e586
-
SSDEEP
49152:6Syf0i8IRS2kHmKVknMqLXrBaqbh0iIeLEBF07f6pIgzrw+Nmpf8Yx0fSBrTArsr:6Sw0iQ2kH/SMuUWh5
Malware Config
Extracted
quasar
1.4.1
Office04
10.0.0.182:4782
192d54ac-367d-416a-a3fb-94c9867b6bcc
-
encryption_key
A0116FBCBB72242E5F0C86156C74310C2835207A
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
7ee3f710d6ca8b838ce11eafbde7e353e364f4ef8673b1286f8cac8e6d2593b8.exe
-
Size
5.5MB
-
MD5
3584fb274935562be16e0acd8481e5e4
-
SHA1
d50373fba98e34ef9edb68750c79cbf6ee860e84
-
SHA256
7ee3f710d6ca8b838ce11eafbde7e353e364f4ef8673b1286f8cac8e6d2593b8
-
SHA512
58e8d7612b533f1bdfc51b58d7e10207a74902a77e9182e3963b04e698315b0b76b95a37ef4266ea60ecf50752b56f9b86288421e5428ac170248a5f8ef8e586
-
SSDEEP
49152:6Syf0i8IRS2kHmKVknMqLXrBaqbh0iIeLEBF07f6pIgzrw+Nmpf8Yx0fSBrTArsr:6Sw0iQ2kH/SMuUWh5
Score10/10-
Quasar RAT
Quasar is an open source Remote Access Tool.
-
Quasar family
-
Quasar payload
-