Extracted

• • Target

    Universal.exe

  • Size

    9.0MB

  • MD5

    42e33381c16d5e851da7389958cee425

  • SHA1

    c0cce4829dbc075fb86a32dee72c55363168a30d

  • SHA256

    9853295208c86e162ddd6a1d017ce7d137695ad396f9700306c4a9dad56632df

  • SHA512

    b338aaf0c24c0ab5cee7018b72f6ec192c014cac9219effb048129d55a075091b1238f1bf4bd66d977b2900a2b0046aaddff90c652a104c6749644c8f8dc1768

  • SSDEEP

    196608:HlDYB/HGe2s2em9572gugYlNVtrIb8bVKj8xe8dmgdM:HVYB/mU2euqn28Yj8xTk5

  Score

  10^/10

  quasaruniversaldiscoverypyinstallerspywaretrojan

  • Quasar RAT

    Quasar is an open source Remote Access Tool.

    trojanspywarequasar

  • Quasar family

    quasar

  • Quasar payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2