General
-
Target
app1.exe
-
Size
2.9MB
-
Sample
241215-tllx1ayqct
-
MD5
e59dd92db4f4ffcebf9234b9e7f6d5ef
-
SHA1
062d9b937f1aa328d9d47b5dcd906d627c9f1ab5
-
SHA256
20718a2749f22cb1fa604c78b4efe205355717e4ba57aa00323955971da8cfae
-
SHA512
23c5cfec42854c5fc2ccc3a326be871f781e851ec46015318c87ecde308bc17f8f8648023c557a6342c2a68deb13a133dfc8a03a433830dddc815f3db98313ec
-
SSDEEP
49152:fvWI22SsaNYfdPBldt698dBcjHHWoI8THHB72eh2NT:fv722SsaNYfdPBldt6+dBcjHHW
Malware Config
Extracted
quasar
1.4.1
KDOTCrypt
fedx.ddns.net:7000
05ed390b-a98b-426c-bddb-fc4eab59ee87
-
encryption_key
92470F4731518ABFA77DC89068544FB7E7B7C459
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
app1.exe
-
Size
2.9MB
-
Quasar family
-
Quasar payload
-