quasar | 85c025a1ce6b0f53e7b87923e7988eb46e2db35e5a1f0d6e525f3e8747df23e5 | Triage

Submit
Reports

Overview

overview

Static

static

3

5c47157011...18.exe

windows7-x64

5c47157011...18.exe

windows10-2004-x64

Sharing

General

Target

5c47157011dfc43465077725d409c2e9_JaffaCakes118
Size

303KB
Sample

240520-avgvvsbd3y
MD5

5c47157011dfc43465077725d409c2e9
SHA1

f3eae76b2ebd2dbeb618a5877a89ea49956cef77
SHA256

85c025a1ce6b0f53e7b87923e7988eb46e2db35e5a1f0d6e525f3e8747df23e5
SHA512

2f04ce68d387389a4ed2cbf1ce830235adfd6994645b3f5b713c477f7be1cfe068d7288b525de22c5cca6df3c9aeb14ab458e62167324189d4e9e429a1987199
SSDEEP

6144:HbrI0w/Tkz4WftdOEwXqV1mwHCJ3cdjqjl6DZV5EOZGBHQE7oY:zNftdOEkqVFCeqoVV5Eh

Score

10^/10

quasar spyware trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5c47157011dfc43465077725d409c2e9_JaffaCakes118.exe

Resource

win7-20240221-en

quasar spyware trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

5c47157011dfc43465077725d409c2e9_JaffaCakes118.exe

Resource

win10v2004-20240508-en

quasar spyware trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  5c47157011dfc43465077725d409c2e9_JaffaCakes118
- Size
  
  303KB
- MD5
  
  5c47157011dfc43465077725d409c2e9
- SHA1
  
  f3eae76b2ebd2dbeb618a5877a89ea49956cef77
- SHA256
  
  85c025a1ce6b0f53e7b87923e7988eb46e2db35e5a1f0d6e525f3e8747df23e5
- SHA512
  
  2f04ce68d387389a4ed2cbf1ce830235adfd6994645b3f5b713c477f7be1cfe068d7288b525de22c5cca6df3c9aeb14ab458e62167324189d4e9e429a1987199
- SSDEEP
  
  6144:HbrI0w/Tkz4WftdOEwXqV1mwHCJ3cdjqjl6DZV5EOZGBHQE7oY:zNftdOEkqVFCeqoVV5Eh
Score

10^/10

quasar spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

quasarspywaretrojan

behavioral2

quasarspywaretrojan

© 2018-2024

Terms | Privacy