quasar | 145141e7ea0e4f2822ae99180440c6292dcb2f9e9a2598163dcab2c360b4f3ab | Triage

Submit
Reports

Overview

overview

Static

static

1

robux gratis.7z

windows10-ltsc 2021-x64

Sharing

General

Target

robux gratis.7z
Size

922KB
Sample

241106-fw2jjsvfkd
MD5

97e9650a3610acc5fc5ef7963bb8a360
SHA1

7e5c75924f1259826b1942bed83e33a0215a1395
SHA256

145141e7ea0e4f2822ae99180440c6292dcb2f9e9a2598163dcab2c360b4f3ab
SHA512

91612c9456eb0623b3616258675bddcd7e044b8b940b18fa2f6ff6ea2c0586485c78b91f4fee61eacbb9fb2a751b8d361054a50a4c80e6c658ac50da4eb8b673
SSDEEP

12288:m+QtNw0HekMPi8lfSEcwneuKJn+3/yfa8RSG7c8Tp9mv9+gk6X+avmno7hD4n0w0:mJmf9Fn2+fA/71dEv9dOEmo7hu0W1rU

Score

10^/10

quasar office04 discovery spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

robux gratis.7z

Resource

win10ltsc2021-20241023-en

quasar office04 discovery spyware trojan

windows10-ltsc 2021-x64

18 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

dekuvigilante-41890.portmap.host:41890

Mutex

086d7576-14dc-4aaf-9a00-36298763f03a

Attributes

encryption_key
8932B12BC567FB3E89D07C4894A90D4851404A4E
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
actualizacion de windows
subdirectory
SubDir

Targets

- Target
  
  robux gratis.7z
- Size
  
  922KB
- MD5
  
  97e9650a3610acc5fc5ef7963bb8a360
- SHA1
  
  7e5c75924f1259826b1942bed83e33a0215a1395
- SHA256
  
  145141e7ea0e4f2822ae99180440c6292dcb2f9e9a2598163dcab2c360b4f3ab
- SHA512
  
  91612c9456eb0623b3616258675bddcd7e044b8b940b18fa2f6ff6ea2c0586485c78b91f4fee61eacbb9fb2a751b8d361054a50a4c80e6c658ac50da4eb8b673
- SSDEEP
  
  12288:m+QtNw0HekMPi8lfSEcwneuKJn+3/yfa8RSG7c8Tp9mv9+gk6X+avmno7hD4n0w0:mJmf9Fn2+fA/71dEv9dOEmo7hu0W1rU
Score

10^/10

quasar office04 discovery spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasaroffice04discoveryspywaretrojan

© 2018-2025

Terms | Privacy