quasar | ffb50e35763c41066a9e59e539c4fd1dc6c8c265fe226ea816399504fc6b35ee | Triage

Submit
Reports

Overview

overview

Static

static

tool.exe

windows10-ltsc_2021-x64

Sharing

General

Target

tool.exe
Size

3.1MB
Sample

250328-pzznssxp16
MD5

ea20f6c991b2a0f4dd78128337d36323
SHA1

4b558eb513af2ca5596fa74a8fe8d93eec911a36
SHA256

ffb50e35763c41066a9e59e539c4fd1dc6c8c265fe226ea816399504fc6b35ee
SHA512

a8eadc8ec65e27f95ef210d0a8ac3dcaa4be613e84b15b188817f352a5ea976923e4a615a51b70c2ab3372ad8bb002144043bd2d2deb9e355d905f2d897c10a5
SSDEEP

49152:3v2I22SsaNYfdPBldt698dBcjHkO4GdrmuvJ40oGdRflTHHB72eh2NT:3vb22SsaNYfdPBldt6+dBcjHPjmep

Score

10^/10

quasar conneceted spyware trojan

Static task

static1

conneceted quasar

3 signatures

Behavioral task

behavioral1

Sample

tool.exe

Resource

win10ltsc2021-20250314-en

quasar conneceted spyware trojan

windows10-ltsc_2021-x64

14 signatures

300 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

conneceted

C2

Quassar53-43603.portmap.host:43603

Mutex

8a838901-c620-4fc2-b1d4-479e4991a09c

Attributes

encryption_key
9724C7B5B016EA213AD7D853F171C6F39394F96A
install_name
six.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Runtime Broker
subdirectory
six

Targets

- Target
  
  tool.exe
- Size
  
  3.1MB
- MD5
  
  ea20f6c991b2a0f4dd78128337d36323
- SHA1
  
  4b558eb513af2ca5596fa74a8fe8d93eec911a36
- SHA256
  
  ffb50e35763c41066a9e59e539c4fd1dc6c8c265fe226ea816399504fc6b35ee
- SHA512
  
  a8eadc8ec65e27f95ef210d0a8ac3dcaa4be613e84b15b188817f352a5ea976923e4a615a51b70c2ab3372ad8bb002144043bd2d2deb9e355d905f2d897c10a5
- SSDEEP
  
  49152:3v2I22SsaNYfdPBldt698dBcjHkO4GdrmuvJ40oGdRflTHHB72eh2NT:3vb22SsaNYfdPBldt6+dBcjHPjmep
Score

10^/10

quasar conneceted spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

connecetedquasar

behavioral1

quasarconnecetedspywaretrojan

© 2018-2025

Terms | Privacy