quasar | 4fda59b0a26d2f592d55df2fbfba352b2bb9b9509215b87869f05cbfe4f32b27 | Triage

Submit
Reports

Overview

overview

Static

static

Seron.exe

windows7-x64

Seron.exe

windows10-2004-x64

Sharing

General

Target

Seron.exe
Size

3.1MB
Sample

241227-1ldpys1jbl
MD5

60ae8e68cd5cac022863c76ef85f45c0
SHA1

effc67a7495954ebf0454e9dfde6873d68b91ab9
SHA256

4fda59b0a26d2f592d55df2fbfba352b2bb9b9509215b87869f05cbfe4f32b27
SHA512

6132ea7e8e5800d74fa972fc0623e65a5f7834efa9140c331d6f009af02a9c0e8f7b90c6733e1da655234bd89b6582339e9f8f45bb80f141123972df641a20ad
SSDEEP

49152:rvelL26AaNeWgPhlmVqvMQ7XSKOBxPESEDk/iZLoGdFzMKTHHB72eh2NT:rvOL26AaNeWgPhlmVqkQ7XSKQxwp

Score

10^/10

quasar seron spyware trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Seron.exe

Resource

win7-20240729-en

quasar seron spyware trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Seron.exe

Resource

win10v2004-20241007-en

quasar seron spyware trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Seron

C2

nigeboc465-58875.portmap.host:58875

Mutex

eb8602ec-8a0d-4322-b9a0-544571be5a2d

Attributes

encryption_key
8BD9150EEC3DA71ED82080D7AEB7C165A58C889F
install_name
f8mk7ZGwVUpulm.exe
log_directory
Logs
reconnect_delay
3000
startup_key
f8mk7ZGwVUpulm
subdirectory
SubDir

Targets

- Target
  
  Seron.exe
- Size
  
  3.1MB
- MD5
  
  60ae8e68cd5cac022863c76ef85f45c0
- SHA1
  
  effc67a7495954ebf0454e9dfde6873d68b91ab9
- SHA256
  
  4fda59b0a26d2f592d55df2fbfba352b2bb9b9509215b87869f05cbfe4f32b27
- SHA512
  
  6132ea7e8e5800d74fa972fc0623e65a5f7834efa9140c331d6f009af02a9c0e8f7b90c6733e1da655234bd89b6582339e9f8f45bb80f141123972df641a20ad
- SSDEEP
  
  49152:rvelL26AaNeWgPhlmVqvMQ7XSKOBxPESEDk/iZLoGdFzMKTHHB72eh2NT:rvOL26AaNeWgPhlmVqkQ7XSKQxwp
Score

10^/10

quasar seron spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasarseronspywaretrojan

behavioral2

quasarseronspywaretrojan

© 2018-2024

Terms | Privacy