quasar | hxxps://cdn[.]discordapp[.]com/attachments/892424513931837483/1363158007537733873/COD?ex=68050353&is=6803b1d3&hm=52152cecebb46f33867eaf1565a8d423daa23aaab129920d1ddae9fbaad1033a& | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

1

https://cdn.discorda...

windows10-2004-x64

https://cdn.discorda...

windows11-21h2-x64

4

Sharing

General

Target

https://cdn.discordapp.com/attachments/892424513931837483/1363158007537733873/COD?ex=68050353&is=6803b1d3&hm=52152cecebb46f33867eaf1565a8d423daa23aaab129920d1ddae9fbaad1033a&
Sample

250419-r4x2wa1n18

Score

10^/10

quasar discovery spyware trojan

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://cdn.discordapp.com/attachments/892424513931837483/1363158007537733873/COD?ex=68050353&is=6803b1d3&hm=52152cecebb46f33867eaf1565a8d423daa23aaab129920d1ddae9fbaad1033a&

Resource

win10v2004-20250410-en

quasar discovery spyware trojan

windows10-2004-x64

26 signatures

150 seconds

Behavioral task

behavioral2

Sample

https://cdn.discordapp.com/attachments/892424513931837483/1363158007537733873/COD?ex=68050353&is=6803b1d3&hm=52152cecebb46f33867eaf1565a8d423daa23aaab129920d1ddae9fbaad1033a&

Resource

win11-20250410-en

windows11-21h2-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  https://cdn.discordapp.com/attachments/892424513931837483/1363158007537733873/COD?ex=68050353&is=6803b1d3&hm=52152cecebb46f33867eaf1565a8d423daa23aaab129920d1ddae9fbaad1033a&
Score

10^/10

quasar discovery spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar family
  quasar
- Quasar payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

quasardiscoveryspywaretrojan

behavioral2

© 2018-2025

Terms | Privacy