quasar | ec34f78b2ed8239bd50e0beb22c61ee72f9902f356aa964b5d83087386985c75 | Triage

Submit
Reports

Overview

overview

Static

static

1

pack.mcmeta

windows11-21h2-x64

Sharing

General

Target

pack.mcmeta
Size

109B
Sample

250119-s8hy7avmfl
MD5

43ccda95b5c701c0fcf59baee8f7e30f
SHA1

0e243064e052298ebb619297c4516886712246d0
SHA256

ec34f78b2ed8239bd50e0beb22c61ee72f9902f356aa964b5d83087386985c75
SHA512

a5ec7e401e6fcb6d988d2801a3fe162cd2aa98d3f626a9b20493d268d6b9868f1fb236d6b3f351ebff41be4569d74e1d85e527952fd401a0640bb154af8e834f

Score

10^/10

quasar office042 discovery spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

pack.mcmeta

Resource

win11-20241007-en

quasar office042 discovery spyware trojan

windows11-21h2-x64

20 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office042

C2

127.0.0.1:4782

Mutex

4fdba42b-1529-4894-a5f2-8af35850b68c

Attributes

encryption_key
95D889B5EA350B61B463513FC30DBCFBC48B664D
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  pack.mcmeta
- Size
  
  109B
- MD5
  
  43ccda95b5c701c0fcf59baee8f7e30f
- SHA1
  
  0e243064e052298ebb619297c4516886712246d0
- SHA256
  
  ec34f78b2ed8239bd50e0beb22c61ee72f9902f356aa964b5d83087386985c75
- SHA512
  
  a5ec7e401e6fcb6d988d2801a3fe162cd2aa98d3f626a9b20493d268d6b9868f1fb236d6b3f351ebff41be4569d74e1d85e527952fd401a0640bb154af8e834f
Score

10^/10

quasar office042 discovery spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

quasaroffice042discoveryspywaretrojan

© 2018-2025

Terms | Privacy