quasar | 2d260adb5fc05bfb17a1e56e87e2b3eb739d8febf2671fd5d3609ff3cd56bfe7 | Triage

Submit
Reports

Overview

overview

Static

static

Client-built.exe

windows10-ltsc 2021-x64

Sharing

General

Target

Client-built.exe
Size

3.1MB
Sample

241210-adezya1nfp
MD5

7949ac4868bbd751e06e94d9b33b95a6
SHA1

5700606d7c246a6abf4005c0a45824071fa801aa
SHA256

2d260adb5fc05bfb17a1e56e87e2b3eb739d8febf2671fd5d3609ff3cd56bfe7
SHA512

7f27e6208e65350ab98bfec4a306059dfa098819106a85b5db9bd88c2275179054f232aa47c41d07a6433725d60a69472dd6986a6871a0bdbbdef47fb2e9c31c
SSDEEP

49152:jv7lL26AaNeWgPhlmVqvMQ7XSKMeRXBxNsoGdivdYTHHB72eh2NT:jvhL26AaNeWgPhlmVqkQ7XSKMeRyy

Score

10^/10

quasar office04 spyware trojan

Static task

static1

office04 quasar

3 signatures

Behavioral task

behavioral1

Sample

Client-built.exe

Resource

win10ltsc2021-20241023-en

quasar office04 spyware trojan

windows10-ltsc 2021-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

68.8.112.15:443

192.168.0.41:443

Mutex

68c72d56-7c01-4752-8b16-99645c1898fc

Attributes

encryption_key
6A865538EA2172CEA230F0158FFB3F9E7FC36141
install_name
Client.exe
log_directory
Logs
reconnect_delay
5
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  Client-built.exe
- Size
  
  3.1MB
- MD5
  
  7949ac4868bbd751e06e94d9b33b95a6
- SHA1
  
  5700606d7c246a6abf4005c0a45824071fa801aa
- SHA256
  
  2d260adb5fc05bfb17a1e56e87e2b3eb739d8febf2671fd5d3609ff3cd56bfe7
- SHA512
  
  7f27e6208e65350ab98bfec4a306059dfa098819106a85b5db9bd88c2275179054f232aa47c41d07a6433725d60a69472dd6986a6871a0bdbbdef47fb2e9c31c
- SSDEEP
  
  49152:jv7lL26AaNeWgPhlmVqvMQ7XSKMeRXBxNsoGdivdYTHHB72eh2NT:jvhL26AaNeWgPhlmVqkQ7XSKMeRyy
Score

10^/10

quasar office04 spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasaroffice04spywaretrojan

© 2018-2024

Terms | Privacy