quasar | 87c04dddca46b42e8221c9c002ff39beec48ba8bf9577002df307cca6942b7f4 | Triage

Submit
Reports

Overview

overview

Static

static

1

Roblox Exp...s.html

windows11-21h2-x64

Sharing

General

Target

Roblox Exploits & Hacks & Cheats - WeAreDevs.html
Size

44KB
Sample

241120-npx7jswmgs
MD5

cad3e9b4722a16f18422ec673d13d05b
SHA1

efd4f5fff4b3c5d2afd1187b0dc2e681870c8c78
SHA256

87c04dddca46b42e8221c9c002ff39beec48ba8bf9577002df307cca6942b7f4
SHA512

e78dd24ae9c379986db4c780be5d6dedfc470cce8fa5bb4bc8e75a4b21362a001f144c30e0bd75f76dad0e6b106bcc2ab505195319b92de3f83eb1729545f040
SSDEEP

768:lEk5ilUlLqIiVfvOflS5/u01/8xWApJingqna03O7m7Y7r2GublSNFSrZ/:ll5ilUlLqIiVfWflS5/u0/8xWAringqJ

Score

10^/10

quasar discovery phishing spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

Roblox Exploits & Hacks & Cheats - WeAreDevs.html

Resource

win11-20241007-en

quasar discovery phishing spyware trojan

windows11-21h2-x64

26 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Roblox Exploits & Hacks & Cheats - WeAreDevs.html
- Size
  
  44KB
- MD5
  
  cad3e9b4722a16f18422ec673d13d05b
- SHA1
  
  efd4f5fff4b3c5d2afd1187b0dc2e681870c8c78
- SHA256
  
  87c04dddca46b42e8221c9c002ff39beec48ba8bf9577002df307cca6942b7f4
- SHA512
  
  e78dd24ae9c379986db4c780be5d6dedfc470cce8fa5bb4bc8e75a4b21362a001f144c30e0bd75f76dad0e6b106bcc2ab505195319b92de3f83eb1729545f040
- SSDEEP
  
  768:lEk5ilUlLqIiVfvOflS5/u01/8xWApJingqna03O7m7Y7r2GublSNFSrZ/:ll5ilUlLqIiVfWflS5/u0/8xWAringqJ
Score

10^/10

quasar discovery phishing spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- A potential corporate email address has been identified in the URL: %./2678@CDFRabcdefghilmnoprstuvwy
  phishing
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Network Share Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

quasardiscoveryphishingspywaretrojan

© 2018-2024

Terms | Privacy