quasar | 4406fc9a225a2f82d1fbb49d68bf6c37699acaa67606dbe6c9f87387f1f98522 | Triage

Sharing

General

Target

Client-built2.exe
Size

3.1MB
Sample

241109-ggzl3sygln
MD5

153e0586ce82c8d58861ee71ccfd5709
SHA1

6144cf2b6591e81d7bb1e427864ad5b2cec25655
SHA256

4406fc9a225a2f82d1fbb49d68bf6c37699acaa67606dbe6c9f87387f1f98522
SHA512

3e4e6f1b4278dd08eb1b3ea2fe66ab7674815500658c5d01ba353b679d0895fb852148527a5f622f2e484d2e9e335033d00b8c49673545bb2daecae73b435ca5
SSDEEP

49152:PvyI22SsaNYfdPBldt698dBcjH8VPhb1JpjoGdKTHHB72eh2NT:Pvf22SsaNYfdPBldt6+dBcjH8VPhd

Score

10^/10

quasar office04 spyware trojan

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

190.104.116.8:4782

Mutex

e51e2b65-e963-4051-9736-67d57ed46798

Attributes

encryption_key
AEA258EF65BF1786F0F767C0BE2497ECC304C46F
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  Client-built2.exe
- Size
  
  3.1MB
- MD5
  
  153e0586ce82c8d58861ee71ccfd5709
- SHA1
  
  6144cf2b6591e81d7bb1e427864ad5b2cec25655
- SHA256
  
  4406fc9a225a2f82d1fbb49d68bf6c37699acaa67606dbe6c9f87387f1f98522
- SHA512
  
  3e4e6f1b4278dd08eb1b3ea2fe66ab7674815500658c5d01ba353b679d0895fb852148527a5f622f2e484d2e9e335033d00b8c49673545bb2daecae73b435ca5
- SSDEEP
  
  49152:PvyI22SsaNYfdPBldt698dBcjH8VPhb1JpjoGdKTHHB72eh2NT:Pvf22SsaNYfdPBldt6+dBcjH8VPhd
Score

10^/10

quasar office04 spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasaroffice04spywaretrojan