quasar | 3000582dd73ae521fddf02fcbfa03f5389d79a6aecd85225d552373cedf35d86 | Triage

Submit
Reports

Overview

overview

Static

static

3000582dd7...86.exe

windows7_x64

3000582dd7...86.exe

windows10_x64

Sharing

General

Target

3000582dd73ae521fddf02fcbfa03f5389d79a6aecd85225d552373cedf35d86
Size

856KB
Sample

210228-e9dz8dyd2x
MD5

cd13084e519186a1bd5adf507d47f2b6
SHA1

50d18ffa0404ccca18ef9f9df9c5c89ac51731a5
SHA256

3000582dd73ae521fddf02fcbfa03f5389d79a6aecd85225d552373cedf35d86
SHA512

7c59397f0866d63602dcc1c87e8aecbdeeee998cfc5962d96922d71e1e69bf4d110c83e6007de52e4bb9012845f4fe6c95b5dd202d65752acc940dd22b37f9cd

Score

10^/10

quasar spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

3000582dd73ae521fddf02fcbfa03f5389d79a6aecd85225d552373cedf35d86.exe

Resource

win7v20201028

quasar spyware trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3000582dd73ae521fddf02fcbfa03f5389d79a6aecd85225d552373cedf35d86.exe

Resource

win10v20201028

quasar spyware trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3000582dd73ae521fddf02fcbfa03f5389d79a6aecd85225d552373cedf35d86
- Size
  
  856KB
- MD5
  
  cd13084e519186a1bd5adf507d47f2b6
- SHA1
  
  50d18ffa0404ccca18ef9f9df9c5c89ac51731a5
- SHA256
  
  3000582dd73ae521fddf02fcbfa03f5389d79a6aecd85225d552373cedf35d86
- SHA512
  
  7c59397f0866d63602dcc1c87e8aecbdeeee998cfc5962d96922d71e1e69bf4d110c83e6007de52e4bb9012845f4fe6c95b5dd202d65752acc940dd22b37f9cd
Score

10^/10

quasar spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasarspywaretrojan

behavioral2

quasarspywaretrojan

© 2018-2024

Terms | Privacy