quasar | b01844fd95ecc51c681f238a6351fe1e8d7228b931f4324b023c4598907e9c69 | Triage

Submit
Reports

Overview

overview

Static

static

Client-be3uilt.exe

windows10-ltsc_2021-x64

Sharing

General

Target

Client-be3uilt.exe
Size

1.9MB
Sample

250419-qtexwazjs2
MD5

f6f414c145d0acecfdd3cfba707386d3
SHA1

b7281f8c899da4fd46e814ccadda4b3f03db365f
SHA256

b01844fd95ecc51c681f238a6351fe1e8d7228b931f4324b023c4598907e9c69
SHA512

68ac467e9c57fe6c2108217393e1ba45b48503d5274565460420e508e0add220c69120bd5551d7741996f20011a9d1e33f327d13cbff8f29223d6fce6d2a0d24
SSDEEP

24576:Y1JFoVGS2eWBRwRR16zhHIPbcNK0KKm77yviUSQaZaOwI55l2S62r9exnjUDB3u9:Y7FB7wR2EgKKm77LrwCB6T

Score

10^/10

quasar spyware trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Client-be3uilt.exe

Resource

win10ltsc2021-20250410-en

quasar spyware trojan

windows10-ltsc_2021-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

quasar

C2

Attributes

encryption_key
43EB246F63BA6C5E8F1B8F576653410351E57F4E
reconnect_delay
3000
startup_key
�� 8}pQ��C��ʷu��

Targets

- Target
  
  Client-be3uilt.exe
- Size
  
  1.9MB
- MD5
  
  f6f414c145d0acecfdd3cfba707386d3
- SHA1
  
  b7281f8c899da4fd46e814ccadda4b3f03db365f
- SHA256
  
  b01844fd95ecc51c681f238a6351fe1e8d7228b931f4324b023c4598907e9c69
- SHA512
  
  68ac467e9c57fe6c2108217393e1ba45b48503d5274565460420e508e0add220c69120bd5551d7741996f20011a9d1e33f327d13cbff8f29223d6fce6d2a0d24
- SSDEEP
  
  24576:Y1JFoVGS2eWBRwRR16zhHIPbcNK0KKm77yviUSQaZaOwI55l2S62r9exnjUDB3u9:Y7FB7wR2EgKKm77LrwCB6T
Score

10^/10

quasar spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Executes dropped EXE
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quasarspywaretrojan

© 2018-2025

Terms | Privacy