quasar | acaa51b406aa9cef4c6ac4d6d57b91b0dd2d07a9f6333b69e742796a367ff010 | Triage

Submit
Reports

Overview

overview

Static

static

Client-built.exe

windows7-x64

Client-built.exe

windows10-2004-x64

Sharing

General

Target

Client-built.exe
Size

3.1MB
Sample

240325-spjrdabe74
MD5

2c452681aaf7e08b26eec0c3e5778bd2
SHA1

f9a3d4ad1b623f2f52ff60a51c35f5a6817c12f2
SHA256

acaa51b406aa9cef4c6ac4d6d57b91b0dd2d07a9f6333b69e742796a367ff010
SHA512

c321ff90d512b067ea2c617a07224b6756092318ef3d3175d0c1a00eaa7b9a0cc6976314e00fce4ebec9877d8c4ca8ade23d51e003d3f28317702c57b0541384
SSDEEP

49152:evBt62XlaSFNWPjljiFa2RoUYI31LBrTMfxdoGdalTHHB72eh2NT:evr62XlaSFNWPjljiFXRoUYI35BrCq

Score

10^/10

quasar test spyware trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Client-built.exe

Resource

win7-20240221-en

quasar test spyware trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

Client-built.exe

Resource

win10v2004-20240226-en

quasar test spyware trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

test

C2

192.168.1.42:4782

Mutex

95ad66d9-3637-453f-943d-33d2a2c49feb

Attributes

encryption_key
3A52ADE42ED9473E5578959627082144C8887BFE
install_name
winreset.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Discord
subdirectory
Boot

Targets

- Target
  
  Client-built.exe
- Size
  
  3.1MB
- MD5
  
  2c452681aaf7e08b26eec0c3e5778bd2
- SHA1
  
  f9a3d4ad1b623f2f52ff60a51c35f5a6817c12f2
- SHA256
  
  acaa51b406aa9cef4c6ac4d6d57b91b0dd2d07a9f6333b69e742796a367ff010
- SHA512
  
  c321ff90d512b067ea2c617a07224b6756092318ef3d3175d0c1a00eaa7b9a0cc6976314e00fce4ebec9877d8c4ca8ade23d51e003d3f28317702c57b0541384
- SSDEEP
  
  49152:evBt62XlaSFNWPjljiFa2RoUYI31LBrTMfxdoGdalTHHB72eh2NT:evr62XlaSFNWPjljiFXRoUYI35BrCq
Score

10^/10

quasar test spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

quasartestspywaretrojan

behavioral2

quasartestspywaretrojan

© 2018-2024

Terms | Privacy