quasar | 1215214202d4b3103b6b88470dad2ce0836062703b040ac6a4cdfb4e97bcaa06

Sharing

Copy URL

Twitter E-mail

General

Target

ExodusWallet.zip
Size

12.0MB
Sample

250327-v5nrdav1bz
MD5

2472b364203ed098f6b8161ebf1df0c5
SHA1

26a702b42f6b9b32c6fddcfb024fdbecf2ba2f60
SHA256

1215214202d4b3103b6b88470dad2ce0836062703b040ac6a4cdfb4e97bcaa06
SHA512

6c9da01c03ddf9040ea4e8016e34bdff2e380ada298c198a9255b28673c71cc4298648a81c4c19cc476b3aef0e7d2cec9887094b8a21fc39fd781d0df4c620af
SSDEEP

393216:ZOHNU+3jtX4w1bzNTAorDGt36R0D7hGR/o/yW:Qt7jtX7/TAorDUk+7uvW

Score

10^/10

quasar larpvault

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

larpvault

195.177.94.58:7000

Mutex

7e03e3fb-22c0-4bc3-91c5-b78b68c8c267

Attributes

encryption_key
0DE96920F31CF665B8020E803D1D5541E1FEA3E5
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Modded Client Startup
subdirectory
SubDir

Targets

- Target
  
  Avalonia.Base.dll
- Size
  
  1.7MB
- MD5
  
  0442decd1c27e119fbf93ac9b62fadd2
- SHA1
  
  30cdb1bac361695151bd47714465f9e8f95d9b44
- SHA256
  
  8f0a12e7134d617f0bdcb0167479dd0c17de4bce192fc779b5673424470aa2cf
- SHA512
  
  d3d80a236326fe6530a7c8705027e61832fe9352057f1b3341e525d01ce680016f640c63d8252fba12688544a86f5dd7998735e74f75808425f3e3433e095f50
- SSDEEP
  
  24576:0CqLvtPLslmTX4/e5O0HD7ICdktbsETZaPQ2AXzkai34rTyqmWfDN:fQpLslmk/8O0eBFrTF
Score

1^/10
behavioral1 behavioral2
- Target
  
  Avalonia.Controls.ColorPicker.dll
- Size
  
  483KB
- MD5
  
  08cc85d1b3f47e760f0d0a735af47440
- SHA1
  
  00ca0036f97412f945830f9ec4de38d008cc8fe5
- SHA256
  
  a1a85d137d031f0795866a81339c815ba10269792486f40fe77f5a919fa51bdb
- SHA512
  
  19d07a79b8cc6d36b860eaf50020ea5b44aa33dda0d0b83a28e995bc11640fbee08039f9f34237f27f0fe7c93b7145f3eb19712324727d16845f3ff64ef76599
- SSDEEP
  
  3072:1aUgzhqPHn4SdNdAJMIzdkdIJ7Tf2IndZdAJD92dHdIJyz12y9a2YDTm6gzR/yUr:8z4P4jnNisZSEcEr
Score

1^/10
behavioral3 behavioral4
- Target
  
  Avalonia.Controls.DataGrid.dll
- Size
  
  422KB
- MD5
  
  2316e0a4674c322bfdda4777077826d5
- SHA1
  
  498f3beab5006c33d79dc81f566a15c326fda1a5
- SHA256
  
  7d3bd437c222ba78d6f3d8e1ef713ab8dd1acd5acb65df1bedc0e9fe9a02e114
- SHA512
  
  b3be9656d3d79ac581863f91654245b34437185d7a25885d9b71cec4a4385d2b6c717805bbf8faaa16d4bb07c8c887729db468bec30686f2e5da46082a49e421
- SSDEEP
  
  6144:RSiv+JogU2IlpwPijRoy/CILEPtVM9yhIjly9h51hYZYs:Rnv+GpwPijRR/cLM9ymoGx
Score

1^/10
behavioral5 behavioral6
- Target
  
  Avalonia.Controls.dll
- Size
  
  945KB
- MD5
  
  750a953ce3447aaff55df2567123f8a7
- SHA1
  
  26f3b93374d8e202d5d54a6fd5a5efc1646c186f
- SHA256
  
  96b2fe74060a3727fc88c4f134516c1b6bd6539a111ab80585df4fa3e45c6bec
- SHA512
  
  25ac4074f3ef8a4693a55a86036e0dc5336ada7e7644f8657b8b80bdb803a6afec0367b43afe8d1b0eec2f316c894d94f8f23bb614bff2f8cbb27dccbfe0f272
- SSDEEP
  
  24576:CXJHur736XQevAxdjI6TN9NERCMHETy5zMnXziVT:+XQKLHzKXk
Score

1^/10
behavioral7 behavioral8
- Target
  
  Avalonia.DesignerSupport.dll
- Size
  
  204KB
- MD5
  
  9d1c21d3234b6be58bdf5d707c438c32
- SHA1
  
  9553d1c623229ba73e2c38fd2c15703965583de6
- SHA256
  
  6f6203d0c2b3867202bba824901d5dcba4b568ce560a97e68b2cd7f78e390338
- SHA512
  
  3e3b2314cf18a663933506013ce9122e3d1c52fec8803576f069b12d6edf8ede12caa47bbe4679eb32883a41042856d88a6fbf53b4422e68e5375f0fa862f5fe
- SSDEEP
  
  6144:5epkXoiDNR8XaC8KMUZjc5rlFEkdLQcu:5B9DNRYaCzAE
Score

1^/10
behavioral10 behavioral9
- Target
  
  Avalonia.Desktop.dll
- Size
  
  15KB
- MD5
  
  7e89c4dfdb6ec116a6d068afe20905c1
- SHA1
  
  dd2a8048a58fb3bdb4823170f7981d43159ee29f
- SHA256
  
  d9b6df687c86a43d6b8ee385f27856da281e08338be3b05057fc134de4be6c6e
- SHA512
  
  fd41e790c4c39d46ec5d9b50178ef55297c524937c33c0fe13d4391387a0cc940a0f4f6b78cd770442838027bdafe850f6db9554d771881d96c236d9a613acfc
- SSDEEP
  
  192:4WRYqVmaWisAgY6DMZPGlFbnQNxTQWxK:4WdpsYZr5
Score

1^/10
behavioral11 behavioral12
- Target
  
  Avalonia.Diagnostics.dll
- Size
  
  302KB
- MD5
  
  008bc283bf7894eacca6cdff711a506a
- SHA1
  
  dfda6f785dd0f853ecc3e940efb34d610f10d234
- SHA256
  
  65014f100c8c25363bfd20c47018a3c2b5eae10daf51e384480abff8ecf061f8
- SHA512
  
  c3ee4976f8223cc6820651fec4d40a1335318da6e695b6a40f8f69f7f7f18888d1ed04bb378775915f6a19f183d6c069eada10f95ddb28b55e4f81b9aa8cefe4
- SSDEEP
  
  6144:flPquINsXeIfOxTdUAiWfiIHtak9b957Pnxal:pquINsXeIfOxTOeiIHtHxrm
Score

1^/10
behavioral13 behavioral14
- Target
  
  Avalonia.Dialogs.dll
- Size
  
  228KB
- MD5
  
  d983836ef3d7fa7d4d2571c9f2b6c018
- SHA1
  
  78b04b023f52836555dc2c408c414fd3ed5389df
- SHA256
  
  62485d2fec62151f1c3771196916d1336704437e4234a02d944d72058c6a0250
- SHA512
  
  5c57c5a06be130746b024b9ce7c7c7b212b80c461d91178a7dad6ed9b0de5b0a62e38f6af879f48d0493c871e4d2d9bc1954a4d5b0d2ffcb1e6a0672027de08a
- SSDEEP
  
  3072:EEaNiXlLgbEmk0/Dv6QKwRr4T2EUtxq2FquPt3/yzBuNOIOU7og2FncpqnFxbl0o:qOqXpSIE6Ey/SmWUMxFncpqDbSb
Score

1^/10
behavioral15 behavioral16
- Target
  
  Avalonia.Fonts.Inter.dll
- Size
  
  2.4MB
- MD5
  
  fdf923002820c030f60a809dbee7c4c5
- SHA1
  
  16fa81cbaab5ba436232bf928f026f19ce4ead1c
- SHA256
  
  ac72898b6ceb35ae50ccb816af6e7ec32defc6667725b624507555fc81dfcae4
- SHA512
  
  07b51f751a14e6a93bbfdfed7ca5111ab766b38fd742c7476fac74a8346876ba634b4664fbd31299e9e346ddc832e4de3ca0c0362b485a5665f3826018644f84
- SSDEEP
  
  24576:7GfUawvIQdG+ue17V0hL+QZr/GpRAkik+WABkLGm7K7ZLQQtyQ8YG8a5iDGWDSW3:dF16ORAki2LqpDGWDSWaJsnzXwI
Score

1^/10
behavioral17 behavioral18
- Target
  
  Avalonia.FreeDesktop.dll
- Size
  
  199KB
- MD5
  
  aa744f5f65d6c0abd9332f18592be1a9
- SHA1
  
  2058713b8ce545ffc551bfba1017ee9f8c17861e
- SHA256
  
  5ef12f8fc03f34bdfd99394ce2c39847be632bb3c3959949d931031a0416f7dd
- SHA512
  
  42048f3af4a0815952ae731073e1fe54be2e2c705c430219e94d39e6c4d10d1255eb3de3750e2ced96b24dd0a3b469594b2efaaf2ff341ddf434bf68b32da3af
- SSDEEP
  
  3072:AY+8fK1QwjYxTHwRiBbcoXcP0rprdYJjmlZgbNVP3i6cT+9L5Yd:TyPIHJPXccdrdsDVPRx9
Score

1^/10
behavioral19 behavioral20
- Target
  
  Avalonia.Markup.Xaml.dll
- Size
  
  75KB
- MD5
  
  6989c9e9d2188f9f6ecf1555edacd268
- SHA1
  
  9c384fcb9bcdd75d26d0b779252d2195ceca3c01
- SHA256
  
  86a3eeaa9b507e71fd91398add6c1bcb2e424d65da3221ce943ca637d771c510
- SHA512
  
  592912567ebd03ad9b781bbcf26dc06d3b1cd2eed5ab06936534f418519eaef0b7e1f3841433869a29a601ce920ba34142894505a4a4777e3ba4de7f712f6221
- SSDEEP
  
  1536:fwWOWR6jFvpUOZ4NEc2VUD6bTmHcdY1bbk4:JQ4NlSmHSYNP
Score

1^/10
behavioral21 behavioral22
- Target
  
  Avalonia.Markup.dll
- Size
  
  66KB
- MD5
  
  c8a48fe1817998d608909712d39eea6e
- SHA1
  
  9b67ae0c3e9649eb5b06cd81622e9163375082a6
- SHA256
  
  032576788b40e65f94f908d2a9f26a62c1b80b7b133e2bd97f31571262f93c8d
- SHA512
  
  c692e915cfa73d9d109355b521e1a4b3a8a68e8a5e08e46d6e8ea60bcd038e108e82c34b2416b51b64ec2a6ca887eccec7b6483897c6e9ab3804935e8d8f7261
- SSDEEP
  
  1536:yaL8mU7EXt0fvik4jqfgYg/MUcEfVv6NGYuEN:4mU7FP4jqfgl/MUqNGYuK
Score

1^/10
behavioral23 behavioral24
- Target
  
  Avalonia.Metal.dll
- Size
  
  14KB
- MD5
  
  81f795b0f6e35ae30edeeed5887b2e0b
- SHA1
  
  46b95fbc5938391e35af960f763680a03cf40a12
- SHA256
  
  11842f337b791d7d181d386f8be63e4f7fc8dc4d0c012426b190011b5228e45b
- SHA512
  
  884d669d3dfb01dd05ac2c91bacb87b7b56c8f57f20be21e09f18ecd13d8caaf0cd4ac82e9080a784c342a2961225111356167e883a92b4903d19f1a9b24ecf7
- SSDEEP
  
  192:beVCX9NQVitAgY6DMZPGLFbh+2fJaOJxP:0u5YZ2+2L
Score

1^/10
behavioral25 behavioral26
- Target
  
  Avalonia.MicroCom.dll
- Size
  
  15KB
- MD5
  
  24d31fb8ae39564ca0a9b1f211ef4c85
- SHA1
  
  e4efc99d19d26d4bd87bd5deaa103aa926709c98
- SHA256
  
  1cfbb23f757a19afcae54e9758050f2bf8b101b31b78c9effdb53e2a7dcb526d
- SHA512
  
  6062bf1baf7c0015831d312db9d7556a2aab3d8950e46535c5ade7daea47fc03cdbb003049f2d59d0af90b63b00942d3a33959a3e647ed9c420f1ea7a01ed071
- SSDEEP
  
  192:tRg9FzkwgiJAgY6DMZPGBFbPufe2wxMkqxF:Hm4wb1YZ4Ee2J
Score

1^/10
behavioral27 behavioral28
- Target
  
  Avalonia.Native.dll
- Size
  
  260KB
- MD5
  
  04660aaa4a2867648238347ce1fe7ab4
- SHA1
  
  025f840266d115e986b196f6969723b3217a4957
- SHA256
  
  12387854688e1b8795af6e6b561e6a0219f6ccafa392aa9d61b97163a5d656cd
- SHA512
  
  f83c4b90d89ab52d51b1eed83a89326e780e5052fd3955d1d2f5cbaebedfa767fde40a90f5e363b24e4458df319091f5e781b8b709f242684ddf1057e1cf574d
- SSDEEP
  
  3072:Y7KFJhf8NGi0279smctdmuWzg5+Sy9TCAFze2eira7U+6Cy4Rq3k44PUPCD3wbdm:YOJaCQsmk/5+SqXfaN6CyQzdD3wUJb
Score

1^/10
behavioral29 behavioral30
- Target
  
  Avalonia.OpenGL.dll
- Size
  
  93KB
- MD5
  
  60a0c1e8dda246911dcf7e60aaeb9314
- SHA1
  
  43c0ba97992105c7c8bc19c9e8a15cf4151f8f6c
- SHA256
  
  4bc9c53d8b224322bb0315af3da45fb68f6654f45cc2a963422917cdb2301fa7
- SHA512
  
  ae169dd8cea35523a49ea32e1739d66e8c5f4c34869b17aadd16793b758be0d9d37a0acd8f16d439b8034e0197b9038cd9931dcc3aded9da7ca982538fd2b28d
- SSDEEP
  
  1536:9pzyeehFyHhrLZZRZV4wpXhHTdWDP3P7gcLT0DJfPs/j61TGY6tbigyot:9HehFsNHTdWDPUceUY6th
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32