Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Quasar v1....e.html

windows7-x64

3

Quasar v1....e.html

windows10-2004-x64

3

Quasar v1....to.dll

windows7-x64

1

Quasar v1....to.dll

windows10-2004-x64

1

Quasar v1....ok.dll

windows7-x64

1

Quasar v1....ok.dll

windows10-2004-x64

1

Quasar v1....db.dll

windows7-x64

1

Quasar v1....db.dll

windows10-2004-x64

1

Quasar v1....db.dll

windows7-x64

1

Quasar v1....db.dll

windows10-2004-x64

1

Quasar v1....ks.dll

windows7-x64

1

Quasar v1....ks.dll

windows10-2004-x64

1

Quasar v1....il.dll

windows7-x64

1

Quasar v1....il.dll

windows10-2004-x64

1

Quasar v1....at.dll

windows7-x64

1

Quasar v1....at.dll

windows10-2004-x64

1

Quasar v1....on.dll

windows7-x64

1

Quasar v1....on.dll

windows10-2004-x64

1

Quasar v1....ar.exe

windows7-x64

10

Quasar v1....ar.exe

windows10-2004-x64

10

Quasar v1....ib.dll

windows7-x64

1

Quasar v1....ib.dll

windows10-2004-x64

1

Quasar v1....nt.exe

windows7-x64

10

Quasar v1....nt.exe

windows10-2004-x64

10

Quasar v1....et.dll

windows7-x64

1

Quasar v1....et.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Quasar.v1.4.1.zip

  • Size

    3.3MB

  • Sample

    250119-csph2askc1

  • MD5

    13aa4bf4f5ed1ac503c69470b1ede5c1

  • SHA1

    c0b7dadff8ac37f6d9fd00ae7f375e12812bfc00

  • SHA256

    4cdeb2eae1cec1ab07077142313c524e9cf360cdec63497538c4405c2d8ded62

  • SHA512

    767b03e4e0c2a97cb0282b523bcad734f0c6d226cd1e856f6861e6ae83401d0d30946ad219c8c5de3c90028a0141d3dc0111c85e0a0952156cf09e189709fa7d

  • SSDEEP

    49152:lYLmNgMh/9yUsRFeWMyYISDSwtfxZQNemi57PdHmeFINp/lFnsDbNFNepL6DJo+J:mL9U1yUUQykOQ91XFYBlR8P9d5uNJo9

Score
10/10
quasardiscoveryspywaretrojan

Malware Config

Extracted

Family

quasar

Attributes
  • reconnect_delay

    5000

Targets

    • Target

      Quasar v1.4.1/3rdPartyLicenses/BouncyCastle_license.html

    • Size

      1KB

    • MD5

      bf8d5a737e70dd3493a475b8672f14df

    • SHA1

      01d35be1b65293f7ca43ee1045424599923ab54a

    • SHA256

      6b73c0a42d138d1f05b527c7b936e79af9f44a55d52e35f912da15c0dea43d30

    • SHA512

      ecc23ef88b80944ed135233118db167bf5dc161b0392af25ae846010f9993673bbdb62f88bf6de24dc060a48a0cfe96be261d30f5dac2705ed0f01d987fe24b8

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      Quasar v1.4.1/BouncyCastle.Crypto.dll

    • Size

      3.2MB

    • MD5

      0cf454b6ed4d9e46bc40306421e4b800

    • SHA1

      9611aa929d35cbd86b87e40b628f60d5177d2411

    • SHA256

      e51721dc0647f4838b1abc592bd95fd8cb924716e8a64f83d4b947821fa1fa42

    • SHA512

      85262f1bc67a89911640f59a759b476b30ca644bd1a1d9cd3213cc8aae16d7cc6ea689815f19b146db1d26f7a75772ceb48e71e27940e3686a83eb2cf7e46048

    • SSDEEP

      49152:JIBbo0WIgmjljFtXCdRLRBcJd+KaGxHIkMNqzP56O8lZ7qXUqi9Y:6BbBWIgWljGxRB/LLY

    Score
    1/10
    behavioral3behavioral4

    • Target

      Quasar v1.4.1/Gma.System.MouseKeyHook.dll

    • Size

      56KB

    • MD5

      bfb3bd1cb571360435100bfa6ed2b997

    • SHA1

      1325e8dd76180a165117e04da4ee4a020e996880

    • SHA256

      a67a424013544c8270c12633e2e1e287cd5cf0b3f2e81e8d8204b37a03da59ef

    • SHA512

      ae5a88a9e86b9e64b8c289213f814586dfa5fe5e0cc21bdbc3e48c36d81fa9e763c6e78f24e40df07696228270ad72f408846125e61e33cae867ef8ff88a3c15

    • SSDEEP

      768:qYnDJGdu2oE3d7ltSl+Y8sCcm8Doi/L0CPw87qquEZ+r3FhuiFJ8G:VncoU48/AzPwYpNZ6rXJ8G

    Score
    1/10
    behavioral5behavioral6

    • Target

      Quasar v1.4.1/Mono.Cecil.Mdb.dll

    • Size

      42KB

    • MD5

      1c6aca0f1b1fa1661fc1e43c79334f7c

    • SHA1

      ec0f591a6d12e1ea7dc8714ec7e5ad7a04ef455d

    • SHA256

      411f8ed8c49738fa38a56ed8f991d556227d13602e83186e66ae1c4f821c940b

    • SHA512

      1c59e939d108f15881d29fe4ced4e5fa4a4476394b58b6eb464da77192cb8fe9221b7cd780af4596914d4cce7c3fc53f1bb567f944c58829de8efbe1fd87be76

    • SSDEEP

      768:Ar5EYZep98C87KHeBUZwrEzsEAnbF+em50KktmM4CRIcZwMRTIzMAtpw:Ar59g98C87KHeBUb5AnZG+zdwMRTzAtS

    Score
    1/10
    behavioral7behavioral8

    • Target

      Quasar v1.4.1/Mono.Cecil.Pdb.dll

    • Size

      87KB

    • MD5

      6d5eb860c2be5dbeb470e7d3f3e7dda4

    • SHA1

      80c76660b87c52127b1a7da48e27700f75362041

    • SHA256

      447ede1984bb4acd73bd97c0ec57a11c079cee8301c91fb199ca98c1906d3cc4

    • SHA512

      64cf4fe7de68a35720d2b9338ba9cf182e127d95d72d2ccf7ff5c73a368133663e70c988a460825fa87b2d03717a4447948d5262f56aceb7c3bf1cb3ab5a41a5

    • SSDEEP

      1536:2OCAsdBo+am5OMwr5IlALYKXgAJGsZhTjrjvjCXeO:ZCjta0OMuIlArVJGqT/jveXeO

    Score
    1/10
    behavioral10behavioral9

    • Target

      Quasar v1.4.1/Mono.Cecil.Rocks.dll

    • Size

      27KB

    • MD5

      6e7f0f4fff6c49e3f66127c23b7f1a53

    • SHA1

      14a529f8c7ee9f002d1e93dcf8ff158ab74c7e1a

    • SHA256

      2e2623319bdc362974a78ea4a43f4893011ec257884d24267f4594142fcd436e

    • SHA512

      0c773da6717dd6919cd6241d3cee26ab00bb61ea2dbeff24844a067af4c87ff5cbdb2fe3ada5db4707cee921b3fb353bd12ee22b8490597d4f67ad39bace235e

    • SSDEEP

      384:70ve8JOuJ5iC7n2NwxEXCni+VXcMeDz8PmR1ugLoaeuLMBG9UphJAprjE3uFLHa9:7+m4iCyrXOhG8uRssveum1pMFLHFBvd

    Score
    1/10
    behavioral11behavioral12

    • Target

      Quasar v1.4.1/Mono.Cecil.dll

    • Size

      350KB

    • MD5

      de69bb29d6a9dfb615a90df3580d63b1

    • SHA1

      74446b4dcc146ce61e5216bf7efac186adf7849b

    • SHA256

      f66f97866433e688acc3e4cd1e6ef14505f81df6b26dd6215e376767f6f954bc

    • SHA512

      6e96a510966a4acbca900773d4409720b0771fede37f24431bf0d8b9c611eaa152ba05ee588bb17f796d7b8caaccc10534e7cc1c907c28ddfa54ac4ce3952015

    • SSDEEP

      6144:jIevdbLPNYe8bikm98KXPHhOWY/fFREomhUFD3z:se1PNL+QRfBg/f/EWFD

    Score
    1/10
    behavioral13behavioral14

    • Target

      Quasar v1.4.1/Open.Nat.dll

    • Size

      68KB

    • MD5

      cc6f6503d29a99f37b73bfd881de8ae0

    • SHA1

      92d3334898dbb718408f1f134fe2914ef666ce46

    • SHA256

      0b1e0d8f87f557b52315d98c1f4727e539f5120d20b4ca9edba548983213fbb5

    • SHA512

      7f4c0a35b612b864ad9bc6a46370801ed7433424791622bf77bf47d6a776cb6a49e4977b34725ead5d0feaa1c9516db2ca75cb8872c77a8f2fab6c37740b681f

    • SSDEEP

      768:sF6vHHLFkywkNh5qtHMjkCifoydVXw5FxusiolecziijiSvD+ZGFa4Pw6OdrGHUm:8GmyJNh0tbt3MLQ9W2rG0Ydd

    Score
    1/10
    behavioral15behavioral16

    • Target

      Quasar v1.4.1/Quasar.Common.dll

    • Size

      62KB

    • MD5

      2185564051ea2e046d9f711ed3cd93ff

    • SHA1

      2f2d7fd470da6d126582ad80df2802aabd6c9cea

    • SHA256

      de930a748e4dc08c851ba0a22afce8dcfd0f15f23b291f9306c8ef6ccd7460a2

    • SHA512

      00af241c1f89b478e66d758db26ed0a413b690d695abf91211b5cbc3985133632327ea0fc41140bd61d02271b6aa278a8e8f539d8ca6ce94972aef50c1a9c868

    • SSDEEP

      768:hiF6Vg9HIxFMu9brfp0kUEb9k/pUHRfp0YDpb4rILMgYY44YYXINk6I+QyIFLwSu:h9Nc7firfS0kE5Ia8I4Z

    Score
    1/10
    behavioral17behavioral18

    • Target

      Quasar v1.4.1/Quasar.exe

    • Size

      1.2MB

    • MD5

      12ebf922aa80d13f8887e4c8c5e7be83

    • SHA1

      7f87a80513e13efd45175e8f2511c2cd17ff51e8

    • SHA256

      43315abb9c8be9a39782bd8694a7ea9f16a867500dc804454d04b8bf2c15c51e

    • SHA512

      fda5071e15cf077d202b08db741bbfb3dbd815acc41deec7b7d44e055cac408e2f2de7233f8f9c5c618afd00ffc2fc4c6e8352cbdf18f9aab55d980dcb58a275

    • SSDEEP

      12288:IwPs012cBBBYiL9l/bFfpBBBBBBBBBBBBcA:jBBBYiLvzFfpBBBBBBBBBBBBcA

    Score
    10/10
    quasarspywaretrojan
    behavioral19behavioral20

    • Target

      Quasar v1.4.1/Vestris.ResourceLib.dll

    • Size

      76KB

    • MD5

      944ce5123c94c66a50376e7b37e3a6a6

    • SHA1

      a1936ac79c987a5ba47ca3d023f740401f73529b

    • SHA256

      7da3f0e77c4dddc82df7c16c8c781fade599b7c91e3d32eefbce215b8f06b12a

    • SHA512

      4c034ff51cc01567f3cb0796575528ca44623b864eb606266bcf955a9259ed26b20bec0086d79038158d3a5af2ada0a90f59d7c6aae9e545294fe77825dbe08b

    • SSDEEP

      1536:CSSYikTF0Z+sFGu11tIcyI1MtI9eDG3fL7:CJYD0Z9FGu11teI1r9ea3

    Score
    1/10
    behavioral21behavioral22

    • Target

      Quasar v1.4.1/client.bin

    • Size

      3.1MB

    • MD5

      f4d16cfe4cad388255e43f258329f805

    • SHA1

      fe7cc6c9eb76b5ad97867b46d053fae601fd4a2d

    • SHA256

      8fb6ae3496d4ac025eab443d3e322b0faa3461d25b54093c9205d35746e3250e

    • SHA512

      867045eac0f7765e6bea51e62bc4ed68b1e81ce6c2843d2e08714eb391a8ac94c2571c09828286252248400ea5c12bffa50a25c8ec5ad9e6d0bb836320ec188f

    • SSDEEP

      49152:4nb7+y2FqZaVmN+PqlhU/mevlL1nYtsCeAcxUuxG2THHB72eh2NT:4nf+y2FqZaVmN+PqlhU//vlL1Yts3Bx

    Score
    10/10
    quasarspywaretrojan
    behavioral23behavioral24

    • Target

      Quasar v1.4.1/protobuf-net.dll

    • Size

      282KB

    • MD5

      abc82ae4f579a0bbfa2a93db1486eb38

    • SHA1

      faa645b92e3de7037c23e99dd2101ef3da5756e5

    • SHA256

      ca6608346291ec82ee4acf8017c90e72db2ee7598015f695120c328d25319ec6

    • SHA512

      e06ee564fdd3fe2e26b0dec744a969a94e4b63a2e37692a7dcc244cb7949b584d895e9d3766ea52c9fe72b7a31dacf4551f86ea0d7c987b80903ff43be9faed3

    • SSDEEP

      3072:yRAISQ1tRSVB3zpKTEPn6Rc0qus/6GMzzeSXLifsE2s58IB7aoqng5YnDBzs39AH:yRFD1niy6n6KwhO5mIYpnNzgGD0u

    Score
    1/10
    behavioral25behavioral26

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.