General

  • Target

    74fc53844845b75a441d394b74932caa7c7ad583e091ec0521c78ebad718100e.exe

  • Size

    3.1MB

  • Sample

    241217-d1v68azpaj

  • MD5

    e6aeb08ae65e312d03f1092df3ba422c

  • SHA1

    f0a4cbe24646ad6bd75869ecc8991fd3a7b55e62

  • SHA256

    74fc53844845b75a441d394b74932caa7c7ad583e091ec0521c78ebad718100e

  • SHA512

    5cce681c2bfea2924516abab84028ebbd78194a4a9a83f9cfdcebdf88aba9e799b1e9ca859a0c68a2438c1c6b605120fc5f192db205173b36237512623514284

  • SSDEEP

    49152:Cvht62XlaSFNWPjljiFa2RoUYIDURJ6XbR3LoGdG6THHB72eh2NT:CvL62XlaSFNWPjljiFXRoUYIDURJ6p

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

CleanerV2

C2

192.168.4.185:4782

Mutex

1607a026-352e-4041-bc1f-757dd6cd2e95

Attributes
  • encryption_key

    73BCD6A075C4505333DE1EDC77C7242196AF9552

  • install_name

    Client.exe

  • log_directory

    Clean

  • reconnect_delay

    3000

  • startup_key

    CleanerV2

  • subdirectory

    SubDir

Targets

    • Target

      74fc53844845b75a441d394b74932caa7c7ad583e091ec0521c78ebad718100e.exe

    • Quasar RAT

      Quasar is an open source Remote Access Tool.

    • Quasar family

    • Quasar payload

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks
