General
-
Target
0a7ebca0af380827e362df072c5fc9ca41e8597f99cff0eed63407fca1b3fb63
-
Size
3.9MB
-
Sample
250703-f8k3bsvlx7
-
MD5
46938612537bea58905cbe2873d3d600
-
SHA1
8a86adafd365f94e44df96a9cf2a8cff9da65e42
-
SHA256
0a7ebca0af380827e362df072c5fc9ca41e8597f99cff0eed63407fca1b3fb63
-
SHA512
d95e539c23e089c51ac49f9ba7c38448c9b4169cff7522a4d60203980b7710316b83f102444d6414a1aa0bee09c61d68c797b5e6036936a3f8ad302f72b78d61
-
SSDEEP
98304:0a2wvr22SsaNYfdPBldt6+dBcjHtKRJ6Bqg:kOM7jGIq
Behavioral task
behavioral1
Sample
0a7ebca0af380827e362df072c5fc9ca41e8597f99cff0eed63407fca1b3fb63.exe
Resource
win10v2004-20250610-en
Malware Config
Extracted
quasar
1.4.1
Office04
mx5.deitie.asia:4495
ebbf737a-dddd-43dd-9b0a-74831302455d
-
encryption_key
F8516D89A1DFD78BD8FF575BBC3AE828B47FF0E1
-
install_name
Client.exe
-
key_salt
bfeb1e56fbcd973bb219022430a57843003d5644d21e62b9d4f180e7e6c33941
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
0a7ebca0af380827e362df072c5fc9ca41e8597f99cff0eed63407fca1b3fb63
-
Size
3.9MB
-
MD5
46938612537bea58905cbe2873d3d600
-
SHA1
8a86adafd365f94e44df96a9cf2a8cff9da65e42
-
SHA256
0a7ebca0af380827e362df072c5fc9ca41e8597f99cff0eed63407fca1b3fb63
-
SHA512
d95e539c23e089c51ac49f9ba7c38448c9b4169cff7522a4d60203980b7710316b83f102444d6414a1aa0bee09c61d68c797b5e6036936a3f8ad302f72b78d61
-
SSDEEP
98304:0a2wvr22SsaNYfdPBldt6+dBcjHtKRJ6Bqg:kOM7jGIq
-
Quasar family
-
Quasar payload
-
Drops startup file
-
Executes dropped EXE
-