Extracted

• • Target

    Summrs.exe

  • Size

    3.1MB

  • MD5

    77d34210e82e24fb0b5adbb1094f272f

  • SHA1

    bc20888016a83b6628e7ab460e68b0a467bf3bf3

  • SHA256

    d8f7896edc45702da8a6c984d10fa00d2ea3c73c0fa8b08b689cf89ff1e5cd0e

  • SHA512

    766f0f97752fd0e63d08474f1d4c32a7ca88854f58d2e59903f2218134136bed45e9fbb6d375fcc3677bca4b95a1aec3e0830e27f510bbf4f88e04e6814f4a04

  • SSDEEP

    49152:CvgG42pda6D+/PjlLOlg6yQipVSyRJ6hbR3LoGd4jTHHB72eh2NT:Cvj42pda6D+/PjlLOlZyQipVSyRJ6DI

  Score

  10^/10

  quasaroffice04discoveryspywaretrojan

  • Quasar RAT

    Quasar is an open source Remote Access Tool.

    trojanspywarequasar

  • Quasar family

    quasar

  • Quasar payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Drops file in System32 directory

  behavioral1