General
-
Target
ConnectToServer.exe
-
Size
3.1MB
-
Sample
250115-chqy4sxjgs
-
MD5
622f266e2d1ca12b98a9f553bc38f366
-
SHA1
7c042256bf6f26ef421012a9dcd23b5cec63b738
-
SHA256
37c354b78bac35fcb8ea01381e4bbc0013c3d462414c2246a26797790362b50a
-
SHA512
23f704937ac1ae19edf5215474da6a31411b94dfc6572d45cb51a6fd6fbd464cb39d59eaaee7c12dc890d29177f3abe3e85c87693dc4f8d3f5f0b351a2a855d9
-
SSDEEP
49152:DvCI22SsaNYfdPBldt698dBcjHLb4OZjDvJuJoGdinTHHB72eh2NT:DvP22SsaNYfdPBldt6+dBcjHPjQS
Behavioral task
behavioral1
Sample
ConnectToServer.exe
Resource
win7-20240903-en
Malware Config
Extracted
quasar
1.4.1
Office04
hi-tin.gl.at.ply.gg:14413
a7a63354-73e8-4f60-93c0-dfe7bb74afe3
-
encryption_key
00B725E3944DCC9CC2ADDC0820F57FE1981B6AC6
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
ConnectToServer.exe
-
Quasar family
-
Quasar payload
-
Executes dropped EXE
-