General
Static task: static1
URLScan task: urlscan1
Malware Config
Extracted
Family: quasar
Version: 1.4.1
Botnet: Office04
C2: Sigma:4782
Mutex: 5dd3911a-6fd5-49b3-be06-045737a22fba
Attributes:
  encryption_key: C05479B42619500641FE325FF99D3043999E146B
  install_name: Client.exe
  log_directory: Logs
  reconnect_delay: 3000
  startup_key: Windows AV
  subdirectory: SubDir
Targets
Target: https://github.com/quasar/Quasar/releases/download/v1.4.1/Quasar.v1.4.1.zip
- Quasar family
- Quasar payload
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL