General

  • Size

    5MB

  • Sample

    220805-nbd7hshfhn

  • MD5

    1fb5d967f92174e0bbb15262f8cd209f

  • SHA1

    76fbd5b88154976887b5099c21666ca3be2cd76e

  • SHA256

    740634ecedd318ac8f84c360f5d253ff836c5e60da6542c65a140b17b4ba8024

  • SHA512

    a0ff48d7e219c71828d0cbde56f59af7326dff4da021789cefc68d1ea90ea467eb98b7418070a3007a63f58ad5987dc9effe79bc143a33c5ecbe1a963a708ea9

Score
10/10

Malware Config

Targets

    • Target

      740634ecedd318ac8f84c360f5d253ff836c5e60da6542c65a140b17b4ba8024

    • Quasar RAT

      Quasar is an open source Remote Access Tool.

    • Quasar payload

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation