quasar | 3bcd147bb31e8841bc86d841954b6946ff26db145286ddf23146a627fcf1cdf0 | Triage

Submit
Reports

Overview

overview

Static

static

3bcd147bb3...f0.exe

windows7-x64

3bcd147bb3...f0.exe

windows10-2004-x64

Sharing

General

Target

3bcd147bb31e8841bc86d841954b6946ff26db145286ddf23146a627fcf1cdf0
Size

502KB
Sample

230508-3l2swsfb21
MD5

f8c141c2bcbda5968e06c6fccc76c359
SHA1

42d44e601923e9a8c3ec87155393c63f12f3a4bc
SHA256

3bcd147bb31e8841bc86d841954b6946ff26db145286ddf23146a627fcf1cdf0
SHA512

3c28a8419fe660838ac5adaf5994442ea4a3137a6bdc40f9a4e26af299717aadcc00c7ae4cf6a78c20c225018361795795b2bb4d64b53b3ef3f91c0ced101ffe
SSDEEP

6144:gTEgdc0YgXAGbgiIN2RSBsncUmazxXE55Etqg+yw4xUcEtOb8F9ojvtEQCvcTR3e:gTEgdfYybggcUwo4Nywhdpm5BCvcde

Score

10^/10

quasar beamedlol spyware trojan

Static task

static1

beamedlol quasar

3 signatures

Behavioral task

behavioral1

Sample

3bcd147bb31e8841bc86d841954b6946ff26db145286ddf23146a627fcf1cdf0.exe

Resource

win7-20230220-en

quasar beamedlol spyware trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

3bcd147bb31e8841bc86d841954b6946ff26db145286ddf23146a627fcf1cdf0.exe

Resource

win10v2004-20230220-en

quasar beamedlol spyware trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.0

Botnet

beamedlol

C2

region-madison.at.ply.gg:4966

Mutex

d4dacd14-db7a-448c-88cd-1faa5c05a157

Attributes

encryption_key
8C6FA73F201E3EB2642527FF3B0B5F9E9A2EC541
install_name
Virus.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  3bcd147bb31e8841bc86d841954b6946ff26db145286ddf23146a627fcf1cdf0
- Size
  
  502KB
- MD5
  
  f8c141c2bcbda5968e06c6fccc76c359
- SHA1
  
  42d44e601923e9a8c3ec87155393c63f12f3a4bc
- SHA256
  
  3bcd147bb31e8841bc86d841954b6946ff26db145286ddf23146a627fcf1cdf0
- SHA512
  
  3c28a8419fe660838ac5adaf5994442ea4a3137a6bdc40f9a4e26af299717aadcc00c7ae4cf6a78c20c225018361795795b2bb4d64b53b3ef3f91c0ced101ffe
- SSDEEP
  
  6144:gTEgdc0YgXAGbgiIN2RSBsncUmazxXE55Etqg+yw4xUcEtOb8F9ojvtEQCvcTR3e:gTEgdfYybggcUwo4Nywhdpm5BCvcde
Score

10^/10

quasar beamedlol spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

beamedlolquasar

behavioral1

quasarbeamedlolspywaretrojan

behavioral2

quasarbeamedlolspywaretrojan

© 2018-2025

Terms | Privacy