quasar | 885c0ee469749be09f9d9290f84338bf2f637c8c15a7a363240f9d2f09522e93 | Triage

Submit
Reports

Overview

overview

Static

static

02c664aa07...7f.exe

windows7_x64

02c664aa07...7f.exe

windows10_x64

Sharing

General

Target

02c664aa0793ffb1d10eca08921bc77f
Size

502KB
Sample

210722-rvv6m69e9x
MD5

02c664aa0793ffb1d10eca08921bc77f
SHA1

5c3bed4bed72373b10ead3a492e6a6f2e150e248
SHA256

885c0ee469749be09f9d9290f84338bf2f637c8c15a7a363240f9d2f09522e93
SHA512

38c1d104e06fb4e553e2adc80c80361de193dc424ed30b9f736e75b012a33b5e02b8cccd6b184919219976ffc6fe70a9bc21397375b2a5dda3a9f32abbd62fff

Score

10^/10

quasar special spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

02c664aa0793ffb1d10eca08921bc77f.exe

Resource

win7v20210410

quasar special spyware trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

02c664aa0793ffb1d10eca08921bc77f.exe

Resource

win10v20210408

quasar special spyware trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.0

Botnet

Special

C2

107.150.23.186:6265

127.0. 0.1:6265

Mutex

54044b0c-f30c-4ac2-b0aa-6489c8bb3fb4

Attributes

encryption_key
BCD9439930956E212F97B82FD0DE5A50AE4CD054
install_name
update.exe
log_directory
Logs
reconnect_delay
3000
startup_key
update
subdirectory
6482

Targets

- Target
  
  02c664aa0793ffb1d10eca08921bc77f
- Size
  
  502KB
- MD5
  
  02c664aa0793ffb1d10eca08921bc77f
- SHA1
  
  5c3bed4bed72373b10ead3a492e6a6f2e150e248
- SHA256
  
  885c0ee469749be09f9d9290f84338bf2f637c8c15a7a363240f9d2f09522e93
- SHA512
  
  38c1d104e06fb4e553e2adc80c80361de193dc424ed30b9f736e75b012a33b5e02b8cccd6b184919219976ffc6fe70a9bc21397375b2a5dda3a9f32abbd62fff
Score

10^/10

quasar special spyware trojan
- Quasar Payload
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

quasarspecialspywaretrojan

behavioral2

quasarspecialspywaretrojan

© 2018-2024

Terms | Privacy