quasar | 5b4b8b61572b28eb349e3a9049feb5242ef13270b47f00d352b91ff5d0cbbbcf | Triage

Submit
Reports

Overview

overview

Static

static

pin cracker (3).exe

windows11-21h2-x64

Sharing

General

Target

pin cracker (3).exe
Size

3.1MB
Sample

240516-b9pppafd34
MD5

9effa0a8800dd420cb70175619b1fce5
SHA1

d0e0581a51357875a789b282b7370c3fcf6d2207
SHA256

5b4b8b61572b28eb349e3a9049feb5242ef13270b47f00d352b91ff5d0cbbbcf
SHA512

b7bf41da9132dbf8d92be10dda8119bdbfe426496e1d415e18d85b3ddb73e598c154e64321c33eea7b71e322dacb3f18589dfbe5a356aa18da352c6ae4308808
SSDEEP

49152:rvOI22SsaNYfdPBldt698dBcjH/8fua+mzYCoGdnTHHB72eh2NT:rvj22SsaNYfdPBldt6+dBcjH0fua9

Score

10^/10

quasar office04 spyware trojan

Static task

static1

office04 quasar

3 signatures

Behavioral task

behavioral1

Sample

pin cracker (3).exe

Resource

win11-20240508-en

quasar office04 spyware trojan

windows11-21h2-x64

13 signatures

1800 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

192.168.1.160:4782

Mutex

9fdee828-b7fc-459e-9416-a8cc42a3265c

Attributes

encryption_key
A4FE4005B8C0621A18088C1B9505D2B8F5A67143
install_name
hack.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  pin cracker (3).exe
- Size
  
  3.1MB
- MD5
  
  9effa0a8800dd420cb70175619b1fce5
- SHA1
  
  d0e0581a51357875a789b282b7370c3fcf6d2207
- SHA256
  
  5b4b8b61572b28eb349e3a9049feb5242ef13270b47f00d352b91ff5d0cbbbcf
- SHA512
  
  b7bf41da9132dbf8d92be10dda8119bdbfe426496e1d415e18d85b3ddb73e598c154e64321c33eea7b71e322dacb3f18589dfbe5a356aa18da352c6ae4308808
- SSDEEP
  
  49152:rvOI22SsaNYfdPBldt698dBcjH/8fua+mzYCoGdnTHHB72eh2NT:rvj22SsaNYfdPBldt6+dBcjH0fua9
Score

10^/10

quasar office04 spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasaroffice04spywaretrojan

© 2018-2024

Terms | Privacy