quasar | 6713e5eafddffdc0d3a53783f28a7256c37cb36991a6bf839c6283b25eba4ad1

Sharing

Copy URL

Twitter E-mail

General

Target

build_output.rar
Size

6.9MB
Sample

250419-qlk4xsyqy7
MD5

f53d642e1955f1e419bf895efd4bbbb0
SHA1

7611f1267f3d91a20e8002c9160c371172d17257
SHA256

6713e5eafddffdc0d3a53783f28a7256c37cb36991a6bf839c6283b25eba4ad1
SHA512

cb4b4199b39ec2768afc81cbc77afbb67545e7733985b5f53791ce264a7f5489ea5dc84c225dfdd01693908155f85a509848c87fc6f6069935aff53c2757ab55
SSDEEP

196608:vInWyGtInWyGPVW/2nHLkgE+2hQghm3i6pa:vnyGtnyGPM2rkgNgM3fg

Score

10^/10

Malware Config

Extracted

Family

quasar

Attributes

reconnect_delay
5000

Targets

- Target
  
  build_output/Client.exe
- Size
  
  1.5MB
- MD5
  
  c5416d7af360068fcdef344602375982
- SHA1
  
  f3bdd8d22d96d3003b5a66694e3e3e738b226954
- SHA256
  
  6f6875eb9c2b61d9b51b06fd8b754c5ccae99118aa660eec14dc80863252c1c9
- SHA512
  
  7047e0e9bbc5bce3514704b29e812d0fd9a4bc75ef81addd5c42cd38beae8b55cb67080d27f8bb85f7e97f6651c871b2b5d04663ec255de4736335267848c6ff
- SSDEEP
  
  24576:KaKltwDS2eWBRwRR16zhHIPbcNK0KKm77yviUSQaZaOwI55l2S62r9kiwp2Np:KPltwx7wR2EgKKm77LrwCB614
Score

10^/10

quasar spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
behavioral1 behavioral2
- Target
  
  build_output/Microsoft.Bcl.AsyncInterfaces.dll
- Size
  
  25KB
- MD5
  
  c877d7fe282a56f3bbfa91573d0f56fb
- SHA1
  
  c74be743bcfc848e06259070b78c50a5d306f1f6
- SHA256
  
  c8ee1cf1148ebd92318da74edb86952c59ae52d8be0233b0c31658fdf46ba61f
- SHA512
  
  6dd52cc81c2f971ece97d19511d4908f55357a4c86a3cd7242d61f465c6229f7549a21fc76f6bd79d9ce043947c3d24b6a3f705475ff61bde6b7f6e88f55c696
- SSDEEP
  
  384:a9OJWqnwKBbNAd0VES2j0cX6dAl+NWyVzrdcCgWeR/WyfLXmztvGHRN7fcTR9zNX:kulwKBhfVv2wK5udcC0FjQtaEV9z9
Score

1^/10
behavioral3 behavioral4
- Target
  
  build_output/Microsoft.TestPlatform.AdapterUtilities.dll
- Size
  
  28KB
- MD5
  
  2e02f737baabda557d62c88443ae7c01
- SHA1
  
  a4f3a6a3b7c5d371474fbb9a4d51f0e75ecc0927
- SHA256
  
  2570cbe12e3f6c177362eaad630b42db3114c2bb74099a0baa2d3abd6bcb5303
- SHA512
  
  646c34a76dd20c808346e87bd68c6074fddc3194df0cfbab345e2e08d8d480fdecd6e544836a07f74898d4276fd7f30b964aa0fa260178492639913e7beab650
- SSDEEP
  
  384:MoGlVXd5QgRbo/cqR3gMdny654nKDdhUauvc//FyHRN76JVOY/wR9zmuyzy1:wDOgRcOIUarFu4/M9zmO1
Score

1^/10
behavioral5 behavioral6
- Target
  
  build_output/Microsoft.VisualStudio.CodeCoverage.Shim.dll
- Size
  
  15KB
- MD5
  
  b0f2e37dc0fbe6cf01672547f9e56e5b
- SHA1
  
  2673eb1ab737217e0dc63101d697697c82547185
- SHA256
  
  3a4ed9b3e4b5d706767ef614b52836250e8abfadb7b8e30e3706c2eb9d1c45e3
- SHA512
  
  8c5f91a0a7bcd44d3f4a61d7f37f9956f7aa0f1d3585460c2eb1f27bb28e6b959f1e3e7ace6b1fe2c39b06c121d024b6bd383ca3c403ab70dfbb94208476e6de
- SSDEEP
  
  192:LnIqrxCb3j0WZqnWSW1R7KOTYRHnhWgN7a8WqJ2sJact5equ/X01k9z3Amj7x+M:Ln98j0WZqnWlyHRN799Es56/R9zTjVP
Score

1^/10
behavioral7 behavioral8
- Target
  
  build_output/Microsoft.VisualStudio.TestPlatform.MSTest.TestAdapter.dll
- Size
  
  155KB
- MD5
  
  2ddc54871ff84b3692ad11ba4a5ff771
- SHA1
  
  c5310fea5760851117ec68b66363f65d5fae06a3
- SHA256
  
  cb1d59fd79a412b1b05a27b32c342cbc85f018a9f1e1d67b43ebe87e43fec0d1
- SHA512
  
  c4b6f1f0a1517b7669813f58ece0b10432dd85e1769584b5502cbb0bf0b440a56353b1b5142aa024886d0a4cabe9447c8ea6173887ca9c7562e5883deac07ef0
- SSDEEP
  
  3072:vIOjCZch+OpRvMKZNZ3hy3B5HZtdOu8uThF9hZlJ8jaoY:jGZc5HvMKZ73Y3B5HZtdOu8ShZlJ8+l
Score

1^/10
behavioral10 behavioral9
- Target
  
  build_output/Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.Interface.dll
- Size
  
  18KB
- MD5
  
  f0bf68ced49e25d46f470d063b9b2532
- SHA1
  
  5826195d195ba3317b22fb726e60231e800571ec
- SHA256
  
  c4494b603ecb322627959b2cd782400405a58051229bd09b108861415b1845aa
- SHA512
  
  01eff16e40fadab3acc906c3d7b046363649157ff152a58babff0e7300861b16de8254237b6f39dc781bb2b0609f24ec8edbc816b1dda27bfa71d8816c3470c6
- SSDEEP
  
  384:jFNFUt+ZDmwKCWKhyHRN7/FfsRmuTcR9zuskT:jF7kwDhutERmuU9zuR
Score

1^/10
behavioral11 behavioral12
- Target
  
  build_output/Microsoft.VisualStudio.TestPlatform.MSTestAdapter.PlatformServices.dll
- Size
  
  111KB
- MD5
  
  6e970809dfb2a09768bdc1f90ba138e1
- SHA1
  
  c7d2624aff1f91641cf2bb0fae0ceb109097ca6c
- SHA256
  
  dd7eda88da0e3843202e51ba2cedc4412a566355c0193b4c781d307d3d1e5a4e
- SHA512
  
  87dca21ef73a5aab745a6902462c70ba23a6bb14f57c9d89f6a229ee876ba92e927cb0add7ec8a1b2bc12a460f2ff79f6927c48b1f6b71452b3350c154fc781c
- SSDEEP
  
  1536:iUAeczX41Bugzu2e8vZTydXOBBsjoihtVfKFFeCbMNflzlrWi2QzgNUw8gKAh8Ia:DGX41Qgzu2JQ1oihtVfKyC8zoQMR8I8b
Score

1^/10
behavioral13 behavioral14
- Target
  
  build_output/Microsoft.VisualStudio.TestPlatform.TestFramework.Extensions.dll
- Size
  
  33KB
- MD5
  
  e3306bf4a03b415eeaf5e3038245146c
- SHA1
  
  7c1287fb75cf863bf61d315a5dc6ac21bc224584
- SHA256
  
  8d1c36b6dced0b1315e71303ef205dbd01d157a4add72d874825e0f26c529aa5
- SHA512
  
  c1360bfd93a0aedbc06c58c79b3ffd6b5599d70b49f5f894bc793332f27f315ed6e3609984a269201064e73987517109fe6b720cecb38fc67ee08e1258cf843c
- SSDEEP
  
  768:cfuKfVp4MAfCQxA5Xm9nCSqu1LxWF//dj9zw:64nHI29dqudxWZzw
Score

1^/10
behavioral15 behavioral16
- Target
  
  build_output/Microsoft.VisualStudio.TestPlatform.TestFramework.dll
- Size
  
  72KB
- MD5
  
  81930cfe170acd3a8e7498fd706a93c9
- SHA1
  
  e1868f03638b3b94027afe2c4f1cda84d39c1054
- SHA256
  
  9dddb3c2958a276f6b6afd9fade11cca191e2f0635f29a39718c60f8f278a4c3
- SHA512
  
  1120633361c962a6828799898b2c43ef72402f6eec3d40761e875bf5fe08cea77cdef762f6b8840b6a747a534427af2f0b54ae906c39753a7facb17ff52949aa
- SSDEEP
  
  1536:CHXw2c75z0KqmKkONYfVmiCpmivfD7XXyAHHof0qokuUz2:u+75zamKXqfVmjnD7XXyAozo4i
Score

1^/10
behavioral17 behavioral18
- Target
  
  build_output/Microsoft.Win32.Registry.dll
- Size
  
  22KB
- MD5
  
  da40f3db8b34571684c0cb5bcecd2a79
- SHA1
  
  1c27a41fd84d6bfe99dabae2e59fcf12fccf6213
- SHA256
  
  619737e2af8fb713085726631dd2e522fe130cac1d388a59c38907a47d7aadea
- SHA512
  
  e656d72e111eaca7c8e9b7d4106030c1104286395046c2de58a04edd590cb2714dcf3aeca2b93f843b4663f1d1e630cc19f1e4eae2fa62f0d382fa18cc8a5981
- SSDEEP
  
  384:z8a6WQCgE7MHVia7Z7aLPQmlJLfbTWnWDxW8QHRN74fZalxA2:AJCp70ViyrmlDt84a
Score

1^/10
behavioral19 behavioral20
- Target
  
  build_output/Mono.Cecil.Mdb.dll
- Size
  
  42KB
- MD5
  
  2c39a53a61168c8a7a9f53ebdad6137a
- SHA1
  
  b10ac8325cd72c7a9018af806d75739ab862b4d8
- SHA256
  
  570a437dea0271d1d5c8b7d6a408b0b2635bdb0e8b8d5051878f3e7fca087f89
- SHA512
  
  d1987995bb58978a063a195a18ba02908edac02a3e7808e93f8340aa968c9bd74f76d2e6fad8158f72bc3629c1382039863471d51e510bd897187ccdabae8e14
- SSDEEP
  
  768:wlUj6BAKp/zgvVucdcRsCVKcraB09THkPFtQI4CRIzZwMNTBczwDN:0h3/zgvVPcRrK09HkBAwMNTNN
Score

1^/10
behavioral21 behavioral22
- Target
  
  build_output/Mono.Cecil.Pdb.dll
- Size
  
  88KB
- MD5
  
  5f6a2f17f4e792600a13e3771d5ca5ff
- SHA1
  
  e411b8e51b201c5f389c2388d26735c1e89b3f6f
- SHA256
  
  50a1a1a79dc86fcfb8b51249b5325a10dd93d193c52999cf6775d25030a4e606
- SHA512
  
  67af09a5545c6bb0e033cfa09dfc654ce4cd4d22c418402d5a43612eaa6e60b71dca2bf4f796a6027c8e7aece88d418e6e8c469c94c327f5169608e67a3e7a39
- SSDEEP
  
  1536:TexPta15J8wWI7Kgl74TChe44tALYKXybJG3OoCkvV:TexFafB7q2hwArQJGFhvV
Score

1^/10
behavioral23 behavioral24
- Target
  
  build_output/Mono.Cecil.Rocks.dll
- Size
  
  29KB
- MD5
  
  e136924bb4051a462ad90bd14cb0ba41
- SHA1
  
  8cfeb4034766ce06f9216b1872703015e8ea0e09
- SHA256
  
  842e09959084eda733aab1a5354d7af79e29594f4d8b91c8792103e5c755ed9b
- SHA512
  
  1baa852ffa42fd8a743661f003b90c840276b4cd864d5467b8d551454420ea46bb6c97e0dbe832de1e5e0672eb57365332dd5f86ad1df88820300504a3b1ea07
- SSDEEP
  
  768:628hQuem5RPkF+pXtRx/hRsPveQJcpAUdE3fF7Mtm3M:62gYm5RPv9jjsPveQCdEvF7Mtmc
Score

1^/10
behavioral25 behavioral26
- Target
  
  build_output/NAudio.Asio.dll
- Size
  
  33KB
- MD5
  
  eb254b04d63a9f03b77563243805f68f
- SHA1
  
  b01c83ec51f7a6548d1babb5e5ff8d5b944965a1
- SHA256
  
  ca03780217139b37f7f5b6921d59defb8d24988315b16b167a77fa88caa7d00f
- SHA512
  
  af40c8b9753ebd5abdefad82597dcefc3e5272e917657e3cc7d7961ee8e0070c04f964df456eaa92c8ba832b1967f35ac57490fa2adab2164f323e778979ef9c
- SSDEEP
  
  768:gehRrWpB5henf0HTYdpVCYKo9c1e6ttHjB6Ca:gehRr68M47hGtHF4
Score

1^/10
behavioral27 behavioral28
- Target
  
  build_output/NAudio.Core.dll
- Size
  
  183KB
- MD5
  
  48867f392b8e77dc06c062638c6fbd36
- SHA1
  
  ccc0931e2cf3d6d79e24c1f28d9c96b40c131af6
- SHA256
  
  fcf493fc47a2f478a65303886b975fbdbf714cbb1f2d79f7fce97e4bb16b01a8
- SHA512
  
  b536e18c482dcf810ec30b9a943ec06e0ca4f6f2bd8f187b807a9a9fd90d28c4c2fb69bada4766c72e0b7942f5e7d40dd94b193ab01e68f666838698bbb473bc
- SSDEEP
  
  3072:n5nFpdQWUY6GwfIGsnLRp2qr2eeY0nVuEtEVEOUkk6uSYsM+S76t:jpdQJY6GwfIGyRp2qI/VZtEVETtHG
Score

1^/10
behavioral29 behavioral30
- Target
  
  build_output/NAudio.Midi.dll
- Size
  
  45KB
- MD5
  
  3f5c79100f4f7902114c3fcba275c606
- SHA1
  
  cb874b2a2561239b5b1c30a49574229716f5f62d
- SHA256
  
  f246e29921797b173b54229685e997a11f9cc388fa1e589c212328abd7a94ebe
- SHA512
  
  e435b839a769572a251cb07238020f2496bef97949a3b3159e85c12327e4399a2adca67bb5b2a0606318ca9b5c7ea99bf013a431c72034ce51f9224721a4cf79
- SSDEEP
  
  768:lwuDUaOqgwjYpA2kn+sbS+O/RXgQPODHM0Mx7YlEmmSFyaetiWvmYRMUQ6LUOu5+:lwuDU7fwT2k+sbRMZgQP6HM0Mx7cPXeN
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Quasar RAT

Quasar family

Quasar payload

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32