quasar | 75839e01d7cefbc61128320ce8ddb7643acd04a4e58e1903a746faea3f9651fc | Triage

Sharing

General

Target

o1tz27zvvd.exe
Size

521KB
Sample

250322-bgmdvsylx6
MD5

5530bc12643d20c6a8a04217250b7060
SHA1

b0339211d2e646438bb46e8619ede30756d043dd
SHA256

75839e01d7cefbc61128320ce8ddb7643acd04a4e58e1903a746faea3f9651fc
SHA512

d40859281130c205dcf2fe6dd59fc5ae6ecf6ac3134db87211a20e3f088c547df0635c5f891021078d23f2768c1bfa35710cd618307878bdbcc65159c8c9da11
SSDEEP

12288:F91VwQAOsgf5vFHa4JLEliXh+OdyB0oMGTeYZFX:KOsgnHDJLEfOdy1dFX

Score

10^/10

quasar office04 spyware trojan

Malware Config

Extracted

Family

quasar

Version

1.5.0

Botnet

Office04

C2

movies-concerning.gl.at.ply.gg:12712

Mutex

5f7b0195-4eaf-4ae9-b4f8-cc2f6f6c4eb3

Attributes

encryption_key
27AAC11A05508545506D258070495FCDA9A82735
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Modded Client Startup
subdirectory
SubDir

Targets

- Target
  
  o1tz27zvvd.exe
- Size
  
  521KB
- MD5
  
  5530bc12643d20c6a8a04217250b7060
- SHA1
  
  b0339211d2e646438bb46e8619ede30756d043dd
- SHA256
  
  75839e01d7cefbc61128320ce8ddb7643acd04a4e58e1903a746faea3f9651fc
- SHA512
  
  d40859281130c205dcf2fe6dd59fc5ae6ecf6ac3134db87211a20e3f088c547df0635c5f891021078d23f2768c1bfa35710cd618307878bdbcc65159c8c9da11
- SSDEEP
  
  12288:F91VwQAOsgf5vFHa4JLEliXh+OdyB0oMGTeYZFX:KOsgnHDJLEfOdy1dFX
Score

10^/10

quasar office04 spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

quasaroffice04spywaretrojan