quasar | a74b4c512087be32af7863d596f2946ba0e160b863aa3ba2380b85cf6b607a14 | Triage

Submit
Reports

Overview

overview

Static

static

1

gizmo.bat

windows11-21h2-x64

Sharing

General

Target

gizmo.bat
Size

13KB
Sample

240212-cvgwzagc8v
MD5

4f5e2a45a205c03f35cfc258a6fa78c4
SHA1

409cc00e8a84f9feebaaeca597df0e7840433ea7
SHA256

a74b4c512087be32af7863d596f2946ba0e160b863aa3ba2380b85cf6b607a14
SHA512

cc769438aea44a2197708631e5a72f4fdbd6c1ddf0716f98c2eb297cfacfb10c6a3d8dd6f42f6270f47be36b2055ff4cf174c5e131b9fd7ee785bf7f1503a32a
SSDEEP

384:uYfiuv5LxLQ8lWxuzgUKEs7huHSH2vUV2EUbPxCJ0VbHAPVg//9hRaYc5Sjm5FFi:uY6uv5LxLQ8lWxuzgUKEs7huHSH2vUV2

Score

10^/10

quasar spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

gizmo.bat

Resource

win11-20231215-en

quasar spyware trojan

windows11-21h2-x64

11 signatures

600 seconds

Malware Config

Extracted

Family

quasar

Attributes

reconnect_delay
3000

Targets

- Target
  
  gizmo.bat
- Size
  
  13KB
- MD5
  
  4f5e2a45a205c03f35cfc258a6fa78c4
- SHA1
  
  409cc00e8a84f9feebaaeca597df0e7840433ea7
- SHA256
  
  a74b4c512087be32af7863d596f2946ba0e160b863aa3ba2380b85cf6b607a14
- SHA512
  
  cc769438aea44a2197708631e5a72f4fdbd6c1ddf0716f98c2eb297cfacfb10c6a3d8dd6f42f6270f47be36b2055ff4cf174c5e131b9fd7ee785bf7f1503a32a
- SSDEEP
  
  384:uYfiuv5LxLQ8lWxuzgUKEs7huHSH2vUV2EUbPxCJ0VbHAPVg//9hRaYc5Sjm5FFi:uY6uv5LxLQ8lWxuzgUKEs7huHSH2vUV2
Score

10^/10

quasar spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

quasarspywaretrojan

© 2018-2025

Terms | Privacy