Extracted

• • Target

    ConfigOnlyfan.exe

  • Size

    1.7MB

  • MD5

    126d31857003b2419fcbbb56badd03ec

  • SHA1

    3d3dba10a7b40717d5417c69e8ef877e9e020e5b

  • SHA256

    585994f293d32b4ec6e4dc54d1070be1d354cc8d664e093e04f803668a5dd7eb

  • SHA512

    5e28b04d1af7dd44425c38ca6d44ccb7070ba5e19023762012f40e5bfc844d9814faec5af50dd284ffda0077be8fa00f8a23fd08c7bc692639f4c56e5d126be3

  • SSDEEP

    49152:zgqKIXz0IxxiXIHLyolt7queAFJX4PxYL:zzXxqIHL5t7bRIE

  Score

  10^/10

  quasaroffice04spywaretrojan

  • Quasar RAT

    Quasar is an open source Remote Access Tool.

    trojanspywarequasar

  • Quasar family

    quasar

  • Quasar payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  behavioral1behavioral2