quasar | def1ba2695ba8d560901e950a6b24da3e432263f07dfd39be67eda2429c22332 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...30.exe

windows7-x64

JaffaCakes...30.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_1ee161d9a3de46c8b95a328a4501e330
Size

2.8MB
Sample

250106-mr5hzawrdk
MD5

1ee161d9a3de46c8b95a328a4501e330
SHA1

4d09c555d3e1290f28c677b0e6a06527b2891009
SHA256

def1ba2695ba8d560901e950a6b24da3e432263f07dfd39be67eda2429c22332
SHA512

ac28d5fc90cc9e6be0ee6a2ff69f2e3c8cbfb64baae8245a91c8724bd145767ec31f567e20deaf8cb159232c0c12bd301cd3d71b788d7d15d5f07cb9b6357e2c
SSDEEP

49152:2QjttU7vLrb/TuvO90dL3BmAFd4A64nsfJMLlgTR55IUq+z1z3/7j5/ZIIVBv:2QPuGqPrTj5hVN

Score

10^/10

quasar discovery spyware trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_1ee161d9a3de46c8b95a328a4501e330.exe

Resource

win7-20240903-en

quasar discovery spyware trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_1ee161d9a3de46c8b95a328a4501e330.exe

Resource

win10v2004-20241007-en

quasar discovery spyware trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_1ee161d9a3de46c8b95a328a4501e330
- Size
  
  2.8MB
- MD5
  
  1ee161d9a3de46c8b95a328a4501e330
- SHA1
  
  4d09c555d3e1290f28c677b0e6a06527b2891009
- SHA256
  
  def1ba2695ba8d560901e950a6b24da3e432263f07dfd39be67eda2429c22332
- SHA512
  
  ac28d5fc90cc9e6be0ee6a2ff69f2e3c8cbfb64baae8245a91c8724bd145767ec31f567e20deaf8cb159232c0c12bd301cd3d71b788d7d15d5f07cb9b6357e2c
- SSDEEP
  
  49152:2QjttU7vLrb/TuvO90dL3BmAFd4A64nsfJMLlgTR55IUq+z1z3/7j5/ZIIVBv:2QPuGqPrTj5hVN
Score

10^/10

quasar discovery spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasardiscoveryspywaretrojan

behavioral2

quasardiscoveryspywaretrojan

© 2018-2025

Terms | Privacy