quasar | 9a61a7d939c6cd0ae191ad9d5cf7192b1bcc73717c27651bbb40b5c4b1cf64b6 | Triage

Submit
Reports

Overview

overview

Static

static

Nezur Crac...ur.exe

windows11-21h2-x64

Sharing

General

Target

Nezur Cracked.zip
Size

1.8MB
Sample

240507-b1j3vafe47
MD5

58588a0d0e0fd14c73405d887ec23012
SHA1

82e777828080c078a08e0e27b8f31ed7dfcf3a9c
SHA256

9a61a7d939c6cd0ae191ad9d5cf7192b1bcc73717c27651bbb40b5c4b1cf64b6
SHA512

d556b7bec71aad3b7eac266dac70520aa14d8f01e38e422652b5131439ed39b02ed93fede261f3c5afcbb6af2fa84d57f2527ae747863499212d4b1b71fa10cc
SSDEEP

24576:iDr6qQtwq/Uo5Z7hJBc2UBKMj9HzDwFFPnb3EBRPozZKXVd/6V9BWiCzj:iDpKwoU8X0thW3EB+zMXVdIBWiCzj

Score

10^/10

quasar clients spyware trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Nezur Cracked/Nezur.exe

Resource

win11-20240419-en

quasar clients spyware trojan

windows11-21h2-x64

16 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Clients

C2

greenindianman-49703.portmap.host:49703

Mutex

a81b3de7-2166-4055-925d-fe9dc1d9d6bf

Attributes

encryption_key
95AA1BBAC73B9C4A85C5C9CA17AB01066062736A
install_name
WinRar.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Task Manager
subdirectory
WinRar

Targets

- Target
  
  Nezur Cracked/Nezur.exe
- Size
  
  681.3MB
- MD5
  
  3fee99b93b17b6e09549aa8ead4eabf5
- SHA1
  
  02da4c4c690f0fbcdf01e594aa7c5c0333516391
- SHA256
  
  1c659eaff97adc9b5384cebc4bf22b995b4fa329f335ebe02ff5be5571bf76e1
- SHA512
  
  67550650bdb131408b5fc2ddebad7de28591c8fcea155a90ac4f83703587fe5f04a5f09be4258fdae51c5b598a71ce7f46dc71a4207d6e264c22847a65dd368e
- SSDEEP
  
  49152:3vCI22SsaNYfdPBldt698dBcjHDBFkjT1J7+oGdxTHHB72eh2NT:3vP22SsaNYfdPBldt6+dBcjHlFkje
Score

10^/10

quasar clients spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasarclientsspywaretrojan

© 2018-2025

Terms | Privacy