General

  • Target

    Client-built.exe

  • Size

    3.1MB

  • Sample

    250327-t8p8yavwcz

  • MD5

    d99d7d556d5021fbd6926bc2dbf937cb

  • SHA1

    a84dba6c50fb7a9fb96a88034a0b0beca902d816

  • SHA256

    a94e45818c0b816f85d0c2608c0a1b03e75090b2c5930f20a42c7d127579e5e9

  • SHA512

    41b1f8b7887d6288bdc868ce941c2368e576503c272e0a48f9c662e67ee253ea62c5cef3a34a25d15515e37175465c281f8219450542c18db7d5326423cae8c9

  • SSDEEP

    49152:Wvkt62XlaSFNWPjljiFa2RoUYI59RJ6ubR3LoGdroTHHB72eh2NT:Wv462XlaSFNWPjljiFXRoUYI59RJ6ob

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

192.168.0.20:4782

Mutex

09fd8aa4-f8ef-40d0-96f7-029c82b74a3a

Attributes
  • encryption_key

    5FA4C5B780FA0149296752FBE0A794A5BF0E5B11

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    dont mind this

  • subdirectory

    SubDir

Targets

    • Quasar RAT

      Quasar is an open source Remote Access Tool.

    • Quasar family

    • Quasar payload

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks
