quasar | 417099ab2a4161b7d39e0657ea0dcd5b15e90111bedf13f3442fbb2efd708f12 | Triage

Submit
Reports

Overview

overview

Static

static

CsGoCheats.exe

windows7-x64

CsGoCheats.exe

windows10-2004-x64

Sharing

General

Target

CsGoCheats.exe
Size

3.3MB
Sample

230803-r4qmsseg7v
MD5

d31c6a4a86b2c01d7c6f3bbf0f2773cb
SHA1

b8d2287930ff0ebfc7b857c993c1fc0102a925db
SHA256

417099ab2a4161b7d39e0657ea0dcd5b15e90111bedf13f3442fbb2efd708f12
SHA512

3481b0fc96e319e7ef431a3e161fe5e094c74e7fa31532d3fde5d581d1754796571bbc056f4ed504f5490ccde5fec333a7ed09a56be0f551369c9c1904b28962
SSDEEP

98304:lvg62XlaSFNWPjljiFXRoUYI/MQH+eVl:J4ZYIH+I

Score

10^/10

quasar cheats spyware trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

CsGoCheats.exe

Resource

win7-20230712-en

quasar cheats spyware trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

CsGoCheats.exe

Resource

win10v2004-20230703-en

quasar cheats spyware trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Cheats

C2

185.38.142.185:3138

Mutex

27629fb0-eb8d-4d40-971d-ac7640df2bb4

Attributes

encryption_key
87878A8B39F0E68E388682CADE478983AEB7449F
install_name
ModmenuCSGO.exe
log_directory
Logs
reconnect_delay
3000
startup_key
RamAnoT
subdirectory
CSGO

Targets

- Target
  
  CsGoCheats.exe
- Size
  
  3.3MB
- MD5
  
  d31c6a4a86b2c01d7c6f3bbf0f2773cb
- SHA1
  
  b8d2287930ff0ebfc7b857c993c1fc0102a925db
- SHA256
  
  417099ab2a4161b7d39e0657ea0dcd5b15e90111bedf13f3442fbb2efd708f12
- SHA512
  
  3481b0fc96e319e7ef431a3e161fe5e094c74e7fa31532d3fde5d581d1754796571bbc056f4ed504f5490ccde5fec333a7ed09a56be0f551369c9c1904b28962
- SSDEEP
  
  98304:lvg62XlaSFNWPjljiFXRoUYI/MQH+eVl:J4ZYIH+I
Score

10^/10

quasar cheats spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

quasarcheatsspywaretrojan

behavioral2

quasarcheatsspywaretrojan

© 2018-2024

Terms | Privacy