General
-
Target
poo virus grr.rar
-
Size
1.0MB
-
Sample
241215-dj1elstpdl
-
MD5
188f727e3be9e5d89c86d843441386f8
-
SHA1
d84ecac02426ab30a66de06c7ec72e52a0eaad6d
-
SHA256
8b507e7ba319bcbf1a13540ec20ad4f31d667a6a1cc99e091fc2f74066123c78
-
SHA512
332358be50280c6005b95fc5fc288ab767abb0162c6f0ddd19fab8e4c5dd22f46ea2f724cac63baaf53086b7d095d04527d55a10796275fc9ecedd0f117c1718
-
SSDEEP
24576:2zGoqxxbY9XIPD7Ltr4ol2iu0kiOiIBIvWCcxdxq:2wxxiXIHLyolt/7DIGvsxd0
Behavioral task
behavioral1
Sample
poo virus grr.rar
Resource
win11-20241007-en
Malware Config
Extracted
quasar
1.4.1
Office04
181.99.66.83:4782
7b23506c-ff83-4362-93b4-b99c14429834
-
encryption_key
7A8E2417AD5EAA788488BDF81FE6CACB01258933
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
poo virus grr.rar
-
Size
1.0MB
-
MD5
188f727e3be9e5d89c86d843441386f8
-
SHA1
d84ecac02426ab30a66de06c7ec72e52a0eaad6d
-
SHA256
8b507e7ba319bcbf1a13540ec20ad4f31d667a6a1cc99e091fc2f74066123c78
-
SHA512
332358be50280c6005b95fc5fc288ab767abb0162c6f0ddd19fab8e4c5dd22f46ea2f724cac63baaf53086b7d095d04527d55a10796275fc9ecedd0f117c1718
-
SSDEEP
24576:2zGoqxxbY9XIPD7Ltr4ol2iu0kiOiIBIvWCcxdxq:2wxxiXIHLyolt/7DIGvsxd0
-
Quasar family
-
Quasar payload
-
Executes dropped EXE
-
-
-
Target
poo virus grr/activate virus [logs ur device].exe
-
Size
3.1MB
-
MD5
7f604852d7713ce48e754d05cfdb9c2e
-
SHA1
8caa2ea8644f0014d8949edf576b008de2fcde75
-
SHA256
db706cddf84bb9d83cda2cc00e6832e26daa6592eef27fc37d39eccdc683e5d4
-
SHA512
a36e50b1426e990c1130a309bf453657561b646b3160c1e3a3f4d46b02bf24706982f635be627521a909a61b8fa57f0fbcc108cb1c340a37f86725bc38454ef7
-
SSDEEP
49152:DvyI22SsaNYfdPBldt698dBcjHDXUue8LzCoGhtTHHB72eh2NT:Dvf22SsaNYfdPBldt6+dBcjHDXUu0
-
Quasar family
-
Quasar payload
-
Executes dropped EXE
-