quasar | 600d98b3e6d396fd6658c787a1f0ea5feec9f0abfaa58291dd286fbb28ed68ee | Triage

Submit
Reports

Overview

overview

Static

static

errrr.exe

windows7-x64

errrr.exe

windows10-2004-x64

Sharing

General

Target

errrr.exe
Size

3.1MB
Sample

240611-1xzrkatcmh
MD5

b45186de4d9fb309985e996287670356
SHA1

f255dbf134c3bf7a1c49f7db6df4fca0b8515370
SHA256

600d98b3e6d396fd6658c787a1f0ea5feec9f0abfaa58291dd286fbb28ed68ee
SHA512

471b48014b94b309eeeed946970056e978b2e8d9e087722141f2e10365555295927491ddf90b6c987e82f587d5de435749a2dc170941c8f838340021e9463f82
SSDEEP

98304:nvJL26AaNeWgPhlmVqkQ7XSKqV/RJ6Y7h:vH4Sr97h

Score

10^/10

quasar office04 spyware trojan

Static task

static1

office04 quasar

3 signatures

Behavioral task

behavioral1

Sample

errrr.exe

Resource

win7-20240419-en

quasar office04 spyware trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

errrr.exe

Resource

win10v2004-20240611-en

quasar office04 spyware trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

Fortniote-63705.portmap.host:63705

Mutex

7275eed2-cfc2-4aaa-85a9-989867afc89d

Attributes

encryption_key
1F7D88978B03E5C08F9DEDBD0A0F2EF673BE9527
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  errrr.exe
- Size
  
  3.1MB
- MD5
  
  b45186de4d9fb309985e996287670356
- SHA1
  
  f255dbf134c3bf7a1c49f7db6df4fca0b8515370
- SHA256
  
  600d98b3e6d396fd6658c787a1f0ea5feec9f0abfaa58291dd286fbb28ed68ee
- SHA512
  
  471b48014b94b309eeeed946970056e978b2e8d9e087722141f2e10365555295927491ddf90b6c987e82f587d5de435749a2dc170941c8f838340021e9463f82
- SSDEEP
  
  98304:nvJL26AaNeWgPhlmVqkQ7XSKqV/RJ6Y7h:vH4Sr97h
Score

10^/10

quasar office04 spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

quasaroffice04spywaretrojan

behavioral2

quasaroffice04spywaretrojan

© 2018-2024

Terms | Privacy