quasar | 63ad1c61c2a15acb8bcfbb41e787cc5b82b925bb8acc6ebf8e5aa08ce056cafa | Triage

Submit
Reports

Overview

overview

Static

static

1

Loader/Loader.bat

windows11-21h2-x64

Sharing

General

Target

Loader.zip
Size

10.7MB
Sample

240428-zyhn1ahe7t
MD5

9707cda1159f673820ca1f4418c30b7f
SHA1

f422d9bc5b0e87dd71ace4dce22a2f60fabe8db9
SHA256

63ad1c61c2a15acb8bcfbb41e787cc5b82b925bb8acc6ebf8e5aa08ce056cafa
SHA512

7afe416209d8c965ef767dd8239ebf1ed4d1dc00b84d4eba08c5cb04ba4ba511f8666ff683d1a824ee15b3b6cb4f1a4bdbe27353950bfaa3249e7d7d42fe4b44
SSDEEP

196608:tWEkc6e/+DNVVnQXmoj7pfLsQHcUmteMuaOb3U4ZsHD3ADrS:tWcF8Nn8fg41Bzl44mTAXS

Score

10^/10

quasar spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

Loader/Loader.bat

Resource

win11-20240419-en

quasar spyware trojan

windows11-21h2-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Attributes

reconnect_delay
3000

Targets

- Target
  
  Loader/Loader.bat
- Size
  
  15.5MB
- MD5
  
  28423a8cfd1097bdbf64e841a2c8257a
- SHA1
  
  92fb218c0267e5060cb1153aab5f56f669561346
- SHA256
  
  b7182ecea0be3db16dba21b00b2dba41f24bc6fe6a6f4b7131a4a420f5e139d0
- SHA512
  
  11e47c5c300b24457254c3a2815c744c7dd3fdfaa038d36a5f1220dfe92b5c93ce646257d4105b5a40b83e64237781204db1446eaf413cbcd0f0119e25c0653f
- SSDEEP
  
  49152:tVEJF+mCi8R797l/kfuubQ6Pu3AnIVtL/3DuGs/se5Q0t2/Q7TSiRBlt1JtT6mrH:y
Score

10^/10

quasar spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
- Deletes itself
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

quasarspywaretrojan

© 2018-2024

Terms | Privacy