quasar | 593e1288bf819bed2b272608c8d1b78cb0ce3ba7f1da989c6e84096a6124e478 | Triage

Submit
Reports

Overview

overview

Static

static

1

image_2024...81.png

windows10-2004-x64

Sharing

General

Target

image_2024-06-14_155622581.png
Size

12KB
Sample

240614-ynwbnstdla
MD5

6d1c58c1c1c9d38d835f7a2f7e8ef561
SHA1

d4d7652ea8d9d218d041f6e0362dad10eb73a902
SHA256

593e1288bf819bed2b272608c8d1b78cb0ce3ba7f1da989c6e84096a6124e478
SHA512

732d71ea7fc2db097c3fba89d55e926fa2ba0255c556fd166dd861b2f1cc916d689d6ebd4deb8da3dc1607f7e496c3b6f9cc1271537b61490b98e952c83535d9
SSDEEP

384:+T7USQxrKBq5/43f86MAQOY/UAUQtERSIA5j3dag:+T7vKOq5wxY/X9dag

Score

10^/10

quasar testing spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

image_2024-06-14_155622581.png

Resource

win10v2004-20240611-en

quasar testing spyware trojan

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.2

Botnet

Testing

C2

127.0.0.1:4782

Mutex

da53512e-6c73-406a-b1ee-fcfefff35b99

Attributes

encryption_key
4B317113B678FE9A27AFEB228E60516202859C8D
install_name
$77~HWllo.exe.exe
log_directory
Logs
reconnect_delay
3000
startup_key
$77~Update
subdirectory
$77~TEMP

Targets

- Target
  
  image_2024-06-14_155622581.png
- Size
  
  12KB
- MD5
  
  6d1c58c1c1c9d38d835f7a2f7e8ef561
- SHA1
  
  d4d7652ea8d9d218d041f6e0362dad10eb73a902
- SHA256
  
  593e1288bf819bed2b272608c8d1b78cb0ce3ba7f1da989c6e84096a6124e478
- SHA512
  
  732d71ea7fc2db097c3fba89d55e926fa2ba0255c556fd166dd861b2f1cc916d689d6ebd4deb8da3dc1607f7e496c3b6f9cc1271537b61490b98e952c83535d9
- SSDEEP
  
  384:+T7USQxrKBq5/43f86MAQOY/UAUQtERSIA5j3dag:+T7vKOq5wxY/X9dag
Score

10^/10

quasar testing spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

quasartestingspywaretrojan

© 2018-2024

Terms | Privacy