quasar | d8a785ee093e2de80f62b04a8c2c2140cd71e4f759b0f8506b9b5e95b7a18797 | Triage

Submit
Reports

Overview

overview

Static

static

Alantis.exe

windows7-x64

Alantis.exe

windows10-2004-x64

Sharing

General

Target

Alantis.exe
Size

3.1MB
Sample

250125-zpyc4a1pfm
MD5

4383762bc2b4902a7a0a53de0f4fc86b
SHA1

1fdf25af3d2ce3b006a7bfc0ebf697e4d3bc6781
SHA256

d8a785ee093e2de80f62b04a8c2c2140cd71e4f759b0f8506b9b5e95b7a18797
SHA512

8d3b1ebe39bfe0f8562f8d79371d2611dfe7bcd1faf23540393c7454c72dd0ff5b707fb192dbe5102ccdb911b2c753d0eb48b8da3e2916fa1e49e89b98cbf6be
SSDEEP

49152:mvyI22SsaNYfdPBldt698dBcjHsLxNESEsk/iwLoGdhTTHHB72eh2NT:mvf22SsaNYfdPBldt6+dBcjHMxvO

Score

10^/10

quasar user 1 spyware trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Alantis.exe

Resource

win7-20240903-en

quasar user 1 spyware trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Alantis.exe

Resource

win10v2004-20241007-en

quasar user 1 spyware trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

User 1

C2

98.7.107.133:4782

Mutex

23bbbc6e-4ec1-49b8-a1ff-368f79119ac2

Attributes

encryption_key
52726EFCD3973C2418A54B3559AAEB44B57B8A6A
install_name
Alantis.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Windows Defender
subdirectory
Roblox

Targets

- Target
  
  Alantis.exe
- Size
  
  3.1MB
- MD5
  
  4383762bc2b4902a7a0a53de0f4fc86b
- SHA1
  
  1fdf25af3d2ce3b006a7bfc0ebf697e4d3bc6781
- SHA256
  
  d8a785ee093e2de80f62b04a8c2c2140cd71e4f759b0f8506b9b5e95b7a18797
- SHA512
  
  8d3b1ebe39bfe0f8562f8d79371d2611dfe7bcd1faf23540393c7454c72dd0ff5b707fb192dbe5102ccdb911b2c753d0eb48b8da3e2916fa1e49e89b98cbf6be
- SSDEEP
  
  49152:mvyI22SsaNYfdPBldt698dBcjHsLxNESEsk/iwLoGdhTTHHB72eh2NT:mvf22SsaNYfdPBldt6+dBcjHMxvO
Score

10^/10

quasar user 1 spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasaruser 1spywaretrojan

behavioral2

quasaruser 1spywaretrojan

© 2018-2025

Terms | Privacy