quasar | 5920578376a599f0ba9107cda086fe2f1d2d88124ef08d99d51c10fcc724abf6 | Triage

Submit
Reports

Overview

overview

Static

static

3

tmp.exe

windows7-x64

tmp.exe

windows10-2004-x64

3

Sharing

General

Target

tmp
Size

3MB
Sample

230808-hkh9yace7z
MD5

2e5a14d0ebb6ceb000eaea71f348b9ba
SHA1

6ea1baafc8803ac6c48c8ea7d18ed295c2333bd1
SHA256

5920578376a599f0ba9107cda086fe2f1d2d88124ef08d99d51c10fcc724abf6
SHA512

a976e6f54b28554d17f4af34fff79c3d64e2c8d2ce5397ecc34a47014a8f53851e3a98e449a60d07f1aba3578f12ae2880dba1d9b9a9a9a2dbea47faf2dc57a0
SSDEEP

98304:VSuLf2iWeebvvFyhAMhFiBdDf2hBV8cthsYRiTLwDYSPBR:VSuzpdsXFQ7cveB2mRiTNQR

Score

10^/10

quasar 1 spyware trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20230712-en

quasar 1 spyware trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20230703-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

1

C2

156.227.24.184:4783

Mutex

021c1eb9-2989-4686-97e8-d3f4470da129

Attributes

encryption_key
B05F0F227ECA1A8A9871C30B98CA534ECFD6E9C6
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  tmp
- Size
  
  3MB
- MD5
  
  2e5a14d0ebb6ceb000eaea71f348b9ba
- SHA1
  
  6ea1baafc8803ac6c48c8ea7d18ed295c2333bd1
- SHA256
  
  5920578376a599f0ba9107cda086fe2f1d2d88124ef08d99d51c10fcc724abf6
- SHA512
  
  a976e6f54b28554d17f4af34fff79c3d64e2c8d2ce5397ecc34a47014a8f53851e3a98e449a60d07f1aba3578f12ae2880dba1d9b9a9a9a2dbea47faf2dc57a0
- SSDEEP
  
  98304:VSuLf2iWeebvvFyhAMhFiBdDf2hBV8cthsYRiTLwDYSPBR:VSuzpdsXFQ7cveB2mRiTNQR
Score

10^/10

quasar 1 spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

quasar1spywaretrojan

behavioral2

© 2018-2023

Terms | Privacy