quasar | a3773025a4ff7ba7e2ea475c8e5b2c74bd60f963ad9e27ae7ca0123fbb235976 | Triage

Submit
Reports

Overview

overview

Static

static

solar.exe

windows10-2004-x64

Sharing

General

Target

solar.exe
Size

3.1MB
Sample

240525-nfwblaee6z
MD5

ca558fea52e3ca7a1b61e0f69ac268b2
SHA1

2445d78506e19c17c99eca0744719c409c1e2c04
SHA256

a3773025a4ff7ba7e2ea475c8e5b2c74bd60f963ad9e27ae7ca0123fbb235976
SHA512

7d3e5cab72a6e7da4d2cc7fca940d58d0c0c82e1a3ee5dfce38317eb6eb6446bac82ed66bfc96c84e1c7917f1a00c1635640daa42ce09fa3ab27c5f213d73396
SSDEEP

49152:DvrI22SsaNYfdPBldt698dBcjHDsqxbR4LoGdYWTHHB72eh2NT:DvU22SsaNYfdPBldt6+dBcjHDsqe

Score

10^/10

quasar quasar spyware trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

solar.exe

Resource

win10v2004-20240426-en

quasar quasar spyware trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

quasar

C2

cr7stakewin-27924.portmap.host:27924

Mutex

b16a5a4a-0575-4e0e-8ddd-77ced9920af6

Attributes

encryption_key
72EAB2364235F953EB6EBC4967F5FAA96FD1EEE1
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar
subdirectory
SubDir

Targets

- Target
  
  solar.exe
- Size
  
  3.1MB
- MD5
  
  ca558fea52e3ca7a1b61e0f69ac268b2
- SHA1
  
  2445d78506e19c17c99eca0744719c409c1e2c04
- SHA256
  
  a3773025a4ff7ba7e2ea475c8e5b2c74bd60f963ad9e27ae7ca0123fbb235976
- SHA512
  
  7d3e5cab72a6e7da4d2cc7fca940d58d0c0c82e1a3ee5dfce38317eb6eb6446bac82ed66bfc96c84e1c7917f1a00c1635640daa42ce09fa3ab27c5f213d73396
- SSDEEP
  
  49152:DvrI22SsaNYfdPBldt698dBcjHDsqxbR4LoGdYWTHHB72eh2NT:DvU22SsaNYfdPBldt6+dBcjHDsqe
Score

10^/10

quasar quasar spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

quasarquasarspywaretrojan

© 2018-2024

Terms | Privacy