quasar | ce179bf67e184c300fbc5b796ef511c14470a9d3c970298bc8e52beaf7fb1195 | Triage

Submit
Reports

Overview

overview

Static

static

BITCOIN GE...TE.zip

windows11-21h2-x64

Sharing

General

Target

BITCOIN GEN PRIVATE.zip
Size

1.2MB
Sample

241228-128j9ssqez
MD5

2e0fc78070cbd8de4396acfe491986ac
SHA1

f6bf2b612f83f90483d12792696f9529840ad3ac
SHA256

ce179bf67e184c300fbc5b796ef511c14470a9d3c970298bc8e52beaf7fb1195
SHA512

dfcb0391f27912eb0bef5ba9dcfcfaff38f9a6886ffbd23e2ca70ec66a203050fbbe22544894936653cf99bc2c86948692b0e43e87377a5088c59a079167b814
SSDEEP

24576:2pXWKEEizZPwD9NzHNTjInXCzJ9tgNODSY/X/ifKsxA42DUSL6/:2lW12zFISWisxA42Yw6/

Score

10^/10

quasar office04 discovery spyware trojan

Static task

static1

office04 quasar

3 signatures

Behavioral task

behavioral1

Sample

BITCOIN GEN PRIVATE.zip

Resource

win11-20241007-en

quasar office04 discovery spyware trojan

windows11-21h2-x64

15 signatures

900 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

192.168.56.1:4782

Mutex

275f2628-c225-4b94-8c3e-6fb61e5e53af

Attributes

encryption_key
F72BC567B8A2606D9029D70BA29A969A6DEB42D8
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  BITCOIN GEN PRIVATE.zip
- Size
  
  1.2MB
- MD5
  
  2e0fc78070cbd8de4396acfe491986ac
- SHA1
  
  f6bf2b612f83f90483d12792696f9529840ad3ac
- SHA256
  
  ce179bf67e184c300fbc5b796ef511c14470a9d3c970298bc8e52beaf7fb1195
- SHA512
  
  dfcb0391f27912eb0bef5ba9dcfcfaff38f9a6886ffbd23e2ca70ec66a203050fbbe22544894936653cf99bc2c86948692b0e43e87377a5088c59a079167b814
- SSDEEP
  
  24576:2pXWKEEizZPwD9NzHNTjInXCzJ9tgNODSY/X/ifKsxA42DUSL6/:2lW12zFISWisxA42Yw6/
Score

10^/10

quasar office04 discovery spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasaroffice04discoveryspywaretrojan

© 2018-2024

Terms | Privacy