quasar | 981f2a7171d95727552a99245694f1283bc1188ec09d3946fb075c3fe1b0a2ce | Triage

Submit
Reports

Overview

overview

Static

static

eclipse executor.exe

windows7-x64

eclipse executor.exe

windows10-2004-x64

Sharing

General

Target

eclipse executor.exe
Size

3.1MB
Sample

250126-hjce1avmgv
MD5

9d918d732629fc36b8230dc336f1f8af
SHA1

50297e276fde5a6f9ccd115de12dbba9d3893e92
SHA256

981f2a7171d95727552a99245694f1283bc1188ec09d3946fb075c3fe1b0a2ce
SHA512

4898b309c1df3f79e2d026be2e19406d384b88d6b526957c253087007d01a23b3f40f1c375f1be5eee5f05121d361e82fe4c66845bc02b9aa6727cf820259b05
SSDEEP

49152:SvvI22SsaNYfdPBldt698dBcjH2j5VbR4jLoGdMITHHB72eh2NT:Svg22SsaNYfdPBldt6+dBcjH2j5Mv

Score

10^/10

quasar made spyware trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

eclipse executor.exe

Resource

win7-20240903-en

quasar made spyware trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

eclipse executor.exe

Resource

win10v2004-20241007-en

quasar made spyware trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

made

C2

2001:569:7e70:6a00:c8f3:749c:278f:2c17:4782

Mutex

9d96368e-1352-46e3-8281-8f5eaf945edb

Attributes

encryption_key
AF603C3CFA231D1BD841E315C27377C7E4A49333
install_name
client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Java startup
subdirectory
SubDir

Targets

- Target
  
  eclipse executor.exe
- Size
  
  3.1MB
- MD5
  
  9d918d732629fc36b8230dc336f1f8af
- SHA1
  
  50297e276fde5a6f9ccd115de12dbba9d3893e92
- SHA256
  
  981f2a7171d95727552a99245694f1283bc1188ec09d3946fb075c3fe1b0a2ce
- SHA512
  
  4898b309c1df3f79e2d026be2e19406d384b88d6b526957c253087007d01a23b3f40f1c375f1be5eee5f05121d361e82fe4c66845bc02b9aa6727cf820259b05
- SSDEEP
  
  49152:SvvI22SsaNYfdPBldt698dBcjH2j5VbR4jLoGdMITHHB72eh2NT:Svg22SsaNYfdPBldt6+dBcjH2j5Mv
Score

10^/10

quasar made spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasarmadespywaretrojan

behavioral2

quasarmadespywaretrojan

© 2018-2025

Terms | Privacy