General
-
Target
1a5f35980c44bc927abe47bef7435177f44f0d8a4c7632a6de4024e2716e85e0.exe
-
Size
3.1MB
-
Sample
241210-hlq16ssmcq
-
MD5
fe9288f31b98a1d42d805ceba700fb39
-
SHA1
208a5912e6086a4a3266b9f11346ae77ad8a35ff
-
SHA256
1a5f35980c44bc927abe47bef7435177f44f0d8a4c7632a6de4024e2716e85e0
-
SHA512
b9adfd4e75be72198ff06447cd67d8f852625c3ef61eff9247dfd1e4941fae58866debdc4b8aa8921f5c448eec18e3106436896f79b70b47af6e2bdf64ccb2a9
-
SSDEEP
49152:Vvht62XlaSFNWPjljiFa2RoUYIdqWhybRjPLoGddJfTHHB72eh2NTd:VvL62XlaSFNWPjljiFXRoUYIdqWhWT6
Behavioral task
behavioral1
Sample
1a5f35980c44bc927abe47bef7435177f44f0d8a4c7632a6de4024e2716e85e0.exe
Resource
win7-20240903-en
Malware Config
Extracted
quasar
1.4.1
Office04
192.168.0.17:5555
3b1732e2-6a81-44bb-8d99-4472451b1cf3
-
encryption_key
871AD53C1EE1C8F197D53D3E1DCA45CC62B82B8D
-
install_name
javaconfig.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
JavaUpdater
-
subdirectory
SubDir
Targets
-
-
Target
1a5f35980c44bc927abe47bef7435177f44f0d8a4c7632a6de4024e2716e85e0.exe
-
Size
3.1MB
-
MD5
fe9288f31b98a1d42d805ceba700fb39
-
SHA1
208a5912e6086a4a3266b9f11346ae77ad8a35ff
-
SHA256
1a5f35980c44bc927abe47bef7435177f44f0d8a4c7632a6de4024e2716e85e0
-
SHA512
b9adfd4e75be72198ff06447cd67d8f852625c3ef61eff9247dfd1e4941fae58866debdc4b8aa8921f5c448eec18e3106436896f79b70b47af6e2bdf64ccb2a9
-
SSDEEP
49152:Vvht62XlaSFNWPjljiFa2RoUYIdqWhybRjPLoGddJfTHHB72eh2NTd:VvL62XlaSFNWPjljiFXRoUYIdqWhWT6
-
Quasar family
-
Quasar payload
-
Executes dropped EXE
-