quasar | 721b0ad028617eb15d6311867b92973344e6afe6fa4a338e829a242a29761f83 | Triage

Submit
Reports

Overview

overview

Static

static

host.exe

windows11-21h2-x64

Sharing

General

Target

host.exe
Size

3.1MB
Sample

250205-1exjgsspds
MD5

966ff6505aaaec66e7ecde8655367a4e
SHA1

d229f5cb24314c9ef286758afbfbc9d7749b5f53
SHA256

721b0ad028617eb15d6311867b92973344e6afe6fa4a338e829a242a29761f83
SHA512

223c5fc1876d1cbe9b6d73641d92cd168a2b9ab26dfbf3ff16f92aac03efe4dc7b123a8ef30bf0208b13fbf0817b465ed7ed1c4d3c4935d14259ccb0fa9e0f0f
SSDEEP

49152:7v/lL26AaNeWgPhlmVqvMQ7XSKTxOEMkDk/JxfoGdjTHHB72eh2NT:7vNL26AaNeWgPhlmVqkQ7XSKTxy9

Score

10^/10

quasar office04 discovery spyware trojan

Static task

static1

office04 quasar

3 signatures

Behavioral task

behavioral1

Sample

host.exe

Resource

win11-20241007-en

quasar office04 discovery spyware trojan

windows11-21h2-x64

15 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

griskid-49933.portmap.host:49933

Mutex

fd801fd9-6e9f-4d50-974a-9131faba7017

Attributes

encryption_key
DA5B8AF9246177D1A878A01AB790DFD8E6C5562D
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  host.exe
- Size
  
  3.1MB
- MD5
  
  966ff6505aaaec66e7ecde8655367a4e
- SHA1
  
  d229f5cb24314c9ef286758afbfbc9d7749b5f53
- SHA256
  
  721b0ad028617eb15d6311867b92973344e6afe6fa4a338e829a242a29761f83
- SHA512
  
  223c5fc1876d1cbe9b6d73641d92cd168a2b9ab26dfbf3ff16f92aac03efe4dc7b123a8ef30bf0208b13fbf0817b465ed7ed1c4d3c4935d14259ccb0fa9e0f0f
- SSDEEP
  
  49152:7v/lL26AaNeWgPhlmVqvMQ7XSKTxOEMkDk/JxfoGdjTHHB72eh2NT:7vNL26AaNeWgPhlmVqkQ7XSKTxy9
Score

10^/10

quasar office04 discovery spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasaroffice04discoveryspywaretrojan

© 2018-2025

Terms | Privacy