quasar | 47ff1dbbac79cfb9785493fa01f83c3e1ec4cb879ad2d3bb402734b97e92fe87 | Triage

Submit
Reports

Overview

overview

Static

static

rat.exe

windows7-x64

rat.exe

windows10-2004-x64

Sharing

General

Target

rat.exe
Size

3.1MB
Sample

250101-3cmbvasmgk
MD5

c4f3b1eef454c4f4f19862424484cbe5
SHA1

7ed25513276cd7199c0a8e934196c5fccf848629
SHA256

47ff1dbbac79cfb9785493fa01f83c3e1ec4cb879ad2d3bb402734b97e92fe87
SHA512

ae444abac7d15b972f16c3397ee28090fb5e94657bd4eb0a6b12ad1d58a6e76a037f3dc7eb4b72f9ef9c9726dbbdac733ef9c183c7ae5bd4b69979d765ff58cd
SSDEEP

49152:Sv3I22SsaNYfdPBldt698dBcjHQ/RJ6obR3LoGd/THHB72eh2NT:Sv422SsaNYfdPBldt6+dBcjHQ/RJ6C

Score

10^/10

quasar first spyware trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

rat.exe

Resource

win7-20241010-en

quasar first spyware trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

rat.exe

Resource

win10v2004-20241007-en

quasar first spyware trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

first

C2

192.168.1.197:4782

Mutex

44382739-6e8e-4a03-b838-6ed9f8f4bf36

Attributes

encryption_key
59DD70006F5E5424ACBA442199524AA9815F439E
install_name
Calculator.exe
log_directory
Logs
reconnect_delay
3000
startup_key
RtkAudUService86
subdirectory
Calculator_UWP

Targets

- Target
  
  rat.exe
- Size
  
  3.1MB
- MD5
  
  c4f3b1eef454c4f4f19862424484cbe5
- SHA1
  
  7ed25513276cd7199c0a8e934196c5fccf848629
- SHA256
  
  47ff1dbbac79cfb9785493fa01f83c3e1ec4cb879ad2d3bb402734b97e92fe87
- SHA512
  
  ae444abac7d15b972f16c3397ee28090fb5e94657bd4eb0a6b12ad1d58a6e76a037f3dc7eb4b72f9ef9c9726dbbdac733ef9c183c7ae5bd4b69979d765ff58cd
- SSDEEP
  
  49152:Sv3I22SsaNYfdPBldt698dBcjHQ/RJ6obR3LoGd/THHB72eh2NT:Sv422SsaNYfdPBldt6+dBcjHQ/RJ6C
Score

10^/10

quasar first spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasarfirstspywaretrojan

behavioral2

quasarfirstspywaretrojan

© 2018-2025

Terms | Privacy