quasar | hxxps://drive[.]google[.]com/drive/folders/10giNQ3CzG2OWwqUogveWyzYYsj5zuqD4?usp=drive_link | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

1

https://drive.google...

windows11-21h2-x64

Sharing

General

Target

https://drive.google.com/drive/folders/10giNQ3CzG2OWwqUogveWyzYYsj5zuqD4?usp=drive_link
Sample

250106-y1xp9swpgt

Score

10^/10

quasar victim1 discovery spyware trojan

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://drive.google.com/drive/folders/10giNQ3CzG2OWwqUogveWyzYYsj5zuqD4?usp=drive_link

Resource

win11-20241007-en

quasar victim1 discovery spyware trojan

windows11-21h2-x64

21 signatures

3600 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Victim1

C2

181.215.176.83:4782

Mutex

6f1cfba9-9724-433c-8339-27dccb488538

Attributes

encryption_key
022ADDF92789AB2EDC96DBC40B2BBC6D43950778
install_name
Chrome.exe
log_directory
Application
reconnect_delay
3000
startup_key
Google Chrome Update
subdirectory
Google

Targets

- Target
  
  https://drive.google.com/drive/folders/10giNQ3CzG2OWwqUogveWyzYYsj5zuqD4?usp=drive_link
Score

10^/10

quasar victim1 discovery spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

quasarvictim1discoveryspywaretrojan

© 2018-2025

Terms | Privacy