Overview

overview

10

Static

static

740634eced...24.exe

windows7-x64

10

740634eced...24.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    740634ecedd318ac8f84c360f5d253ff836c5e60da6542c65a140b17b4ba8024

  • Size

    5.9MB

  • Sample

    220805-nbd7hshfhn

  • MD5

    1fb5d967f92174e0bbb15262f8cd209f

  • SHA1

    76fbd5b88154976887b5099c21666ca3be2cd76e

  • SHA256

    740634ecedd318ac8f84c360f5d253ff836c5e60da6542c65a140b17b4ba8024

  • SHA512

    a0ff48d7e219c71828d0cbde56f59af7326dff4da021789cefc68d1ea90ea467eb98b7418070a3007a63f58ad5987dc9effe79bc143a33c5ecbe1a963a708ea9

Score
10/10
quasarspywaretrojan

Malware Config

Targets

    • Target

      740634ecedd318ac8f84c360f5d253ff836c5e60da6542c65a140b17b4ba8024

    • Size

      5.9MB

    • MD5

      1fb5d967f92174e0bbb15262f8cd209f

    • SHA1

      76fbd5b88154976887b5099c21666ca3be2cd76e

    • SHA256

      740634ecedd318ac8f84c360f5d253ff836c5e60da6542c65a140b17b4ba8024

    • SHA512

      a0ff48d7e219c71828d0cbde56f59af7326dff4da021789cefc68d1ea90ea467eb98b7418070a3007a63f58ad5987dc9effe79bc143a33c5ecbe1a963a708ea9

    Score
    10/10
    quasarspywaretrojan

    • Quasar RAT

      Quasar is an open source Remote Access Tool.

      trojanspywarequasar

    • Quasar payload

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks