quasar | a5a95cd39484fabee1551b0daeb1a3c3fc94c610fe2020e2f714f366ef1430aa | Triage

Submit
Reports

Overview

overview

Static

static

a5a95cd394...aa.exe

windows7_x64

a5a95cd394...aa.exe

windows10-2004_x64

Sharing

General

Target

a5a95cd39484fabee1551b0daeb1a3c3fc94c610fe2020e2f714f366ef1430aa
Size

348KB
Sample

220201-p3672sheeq
MD5

976abfeee6afe436cb09e480baa0f072
SHA1

460f1b15acf310a4a648b26c80efd21ebe94cac0
SHA256

a5a95cd39484fabee1551b0daeb1a3c3fc94c610fe2020e2f714f366ef1430aa
SHA512

8c81efc4e102f9a66eb1626a126b59f21d37b277183c2364386988fc53e6fd07f08a2d730c9f45aa43619ec551dcf53b663bfe470998ac187df422feb0d274c1

Score

10^/10

quasar ps spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

a5a95cd39484fabee1551b0daeb1a3c3fc94c610fe2020e2f714f366ef1430aa.exe

Resource

win7-en-20211208

quasar ps spyware trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a5a95cd39484fabee1551b0daeb1a3c3fc94c610fe2020e2f714f366ef1430aa.exe

Resource

win10v2004-en-20220113

quasar ps spyware trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

quasar

Version

1.3.0.0

Botnet

Ps

C2

45.74.53.124:4782

Mutex

s5v8y/B?E(H+MbQeThWmZq3t6w9z$C&F)J@NcRfUjXn2r5u7x!A%D*G-KaPdSgV

Attributes

encryption_key
sEybIz3EK3xXIpG2z1h2
install_name
Client.exe
log_directory
Logs
reconnect_delay
0
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  a5a95cd39484fabee1551b0daeb1a3c3fc94c610fe2020e2f714f366ef1430aa
- Size
  
  348KB
- MD5
  
  976abfeee6afe436cb09e480baa0f072
- SHA1
  
  460f1b15acf310a4a648b26c80efd21ebe94cac0
- SHA256
  
  a5a95cd39484fabee1551b0daeb1a3c3fc94c610fe2020e2f714f366ef1430aa
- SHA512
  
  8c81efc4e102f9a66eb1626a126b59f21d37b277183c2364386988fc53e6fd07f08a2d730c9f45aa43619ec551dcf53b663bfe470998ac187df422feb0d274c1
Score

10^/10

quasar ps spyware trojan
- Quasar Payload
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

quasarpsspywaretrojan

behavioral2

quasarpsspywaretrojan

© 2018-2024

Terms | Privacy