quasar | c3fbb3ebbdf80a8353d1e7b6a4d5a8ba13682dd174a71e007d7760758c43aece | Triage

Submit
Reports

Overview

overview

Static

static

c3fbb3ebbd...ce.exe

windows7-x64

c3fbb3ebbd...ce.exe

windows10-2004-x64

Sharing

General

Target

c3fbb3ebbdf80a8353d1e7b6a4d5a8ba13682dd174a71e007d7760758c43aece.exe
Size

3.1MB
Sample

250203-d97avaypg1
MD5

9ed0669c1fe2cddd4eed6bedf9212693
SHA1

63cb8ea01a0938bb77292116b4e5faed5618d19d
SHA256

c3fbb3ebbdf80a8353d1e7b6a4d5a8ba13682dd174a71e007d7760758c43aece
SHA512

c25e8c4a143a7a337ac53da2e15c6bb5b682d16ed6c9b6784fa99e7f0246f5c1d930ddba30b99cb58cf9ddaed96ea076756b42489c1971be30754c87d0b3a72c
SSDEEP

49152:OvKI22SsaNYfdPBldt698dBcjH5HRJ6RbR3LoGdNZTHHB72eh2NT:Ovn22SsaNYfdPBldt6+dBcjH5HRJ6z

Score

10^/10

quasar 2025 spyware trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

c3fbb3ebbdf80a8353d1e7b6a4d5a8ba13682dd174a71e007d7760758c43aece.exe

Resource

win7-20240903-en

quasar 2025 spyware trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

c3fbb3ebbdf80a8353d1e7b6a4d5a8ba13682dd174a71e007d7760758c43aece.exe

Resource

win10v2004-20250129-en

quasar 2025 spyware trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

2025

C2

ducksro.DUCKDNS.ORG:5

Mutex

1b9237ca-608d-47fd-ae80-bba1f4ba0322

Attributes

encryption_key
B61B5E36913EE1C537DD4B68B384FA4355C64906
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  c3fbb3ebbdf80a8353d1e7b6a4d5a8ba13682dd174a71e007d7760758c43aece.exe
- Size
  
  3.1MB
- MD5
  
  9ed0669c1fe2cddd4eed6bedf9212693
- SHA1
  
  63cb8ea01a0938bb77292116b4e5faed5618d19d
- SHA256
  
  c3fbb3ebbdf80a8353d1e7b6a4d5a8ba13682dd174a71e007d7760758c43aece
- SHA512
  
  c25e8c4a143a7a337ac53da2e15c6bb5b682d16ed6c9b6784fa99e7f0246f5c1d930ddba30b99cb58cf9ddaed96ea076756b42489c1971be30754c87d0b3a72c
- SSDEEP
  
  49152:OvKI22SsaNYfdPBldt698dBcjH5HRJ6RbR3LoGdNZTHHB72eh2NT:Ovn22SsaNYfdPBldt6+dBcjH5HRJ6z
Score

10^/10

quasar 2025 spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

quasar2025spywaretrojan

behavioral2

quasar2025spywaretrojan

© 2018-2025

Terms | Privacy