Overview

overview

10

Static

static

3

368bf7e3b9...7N.exe

windows7-x64

10

368bf7e3b9...7N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    368bf7e3b9b8ce5604d41c09be987a8d88d28c63058d65656ef777efe8a108a7N.exe

  • Size

    523KB

  • Sample

    241117-yp8ndswqdv

  • MD5

    c53e04849d17588148c7a7b9c27835e0

  • SHA1

    5fc49d643a10c4d4659e139915503dcd849c6707

  • SHA256

    368bf7e3b9b8ce5604d41c09be987a8d88d28c63058d65656ef777efe8a108a7

  • SHA512

    2ba2b2d2b91aa8abdce55143d8185be96cd95d8341e3c8bdc5e16c2a40a7991fd1eb53e1efbbb558de72aeb468e802cc01ba07bcc7627d58dda641d4ec305a1e

  • SSDEEP

    12288:Yh1Lk70TnvjcKcVob1y3O/Yj5QmRP8Fb5Ovm0BK2zScujuMv:Ek70TrcKkoE3O/YtZV8Fcv5BKwCuMv

Score
10/10
quasardiscoveryspywaretrojan

Malware Config

Targets

    • Target

      368bf7e3b9b8ce5604d41c09be987a8d88d28c63058d65656ef777efe8a108a7N.exe

    • Size

      523KB

    • MD5

      c53e04849d17588148c7a7b9c27835e0

    • SHA1

      5fc49d643a10c4d4659e139915503dcd849c6707

    • SHA256

      368bf7e3b9b8ce5604d41c09be987a8d88d28c63058d65656ef777efe8a108a7

    • SHA512

      2ba2b2d2b91aa8abdce55143d8185be96cd95d8341e3c8bdc5e16c2a40a7991fd1eb53e1efbbb558de72aeb468e802cc01ba07bcc7627d58dda641d4ec305a1e

    • SSDEEP

      12288:Yh1Lk70TnvjcKcVob1y3O/Yj5QmRP8Fb5Ovm0BK2zScujuMv:Ek70TrcKkoE3O/YtZV8Fcv5BKwCuMv

    Score
    10/10
    quasardiscoveryspywaretrojan

    • Quasar RAT

      Quasar is an open source Remote Access Tool.

      trojanspywarequasar

    • Quasar family

      quasar

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks