Extracted

• • Target

    Client-built.exe

  • Size

    3.1MB

  • MD5

    32bac0be7a9c9bdd93b8b708f47f1313

  • SHA1

    1f0d7dd2e310613336fa569d3651a394ddb305fe

  • SHA256

    9828991298eb16c8df48b48dde0a056856f41c62ca4c694d86334cde1645e07c

  • SHA512

    8d797936672817abeab907c15715cf38e57eed41399c26f2af8171631d53d16d2bd693568e1b6b5a16c251f7ac030d5826a4784a4a79030753be407e794c0fb6

  • SSDEEP

    49152:djKqzUIZA0404kub/lFqkIFFIJHZ541JOOoGVJiTHHB72eh2NT:djlzUq3404kub/lFqkIFFIJHZ5u

  Score

  10^/10

  quasaroffice04discoveryspywaretrojan

  • Quasar RAT

    Quasar is an open source Remote Access Tool.

    trojanspywarequasar

  • Quasar payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  behavioral1behavioral2behavioral3