quasar | 0c35263f6a4b83dd522bda60fe30e07eb3a6ef3619c8061c578a603bc1aecb61 | Triage

Submit
Reports

Overview

overview

Static

static

Skibididtoilet.exe

windows7-x64

Skibididtoilet.exe

windows10-2004-x64

Sharing

General

Target

Skibididtoilet.exe
Size

3.1MB
Sample

240614-x28ngssglg
MD5

8f1719e375603f60acae2ec53c8021cf
SHA1

449f8a41edbd7e044b7f72c5490f12495c76642b
SHA256

0c35263f6a4b83dd522bda60fe30e07eb3a6ef3619c8061c578a603bc1aecb61
SHA512

8468c96ab0e2cdd1b5924a63162a87113bddb8b8c2b20fcf14528a5a6fac190d42d80aeb82400d45ebedd328d5c66d8bab3287607b57253e1ec0a761b9b05ffb
SSDEEP

49152:3vZI22SsaNYfdPBldt698dBcjHX0aDo+boGdXTHHB72eh2NT:3va22SsaNYfdPBldt6+dBcjHEaDoO

Score

10^/10

quasar office04 spyware trojan

Static task

static1

office04 quasar

3 signatures

Behavioral task

behavioral1

Sample

Skibididtoilet.exe

Resource

win7-20240611-en

quasar office04 spyware trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Skibididtoilet.exe

Resource

win10v2004-20240508-en

quasar office04 spyware trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

147.185.221.18:18043

Mutex

973de4bb-9630-4798-badb-35c53e068b10

Attributes

encryption_key
1F7D88978B03E5C08F9DEDBD0A0F2EF673BE9527
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  Skibididtoilet.exe
- Size
  
  3.1MB
- MD5
  
  8f1719e375603f60acae2ec53c8021cf
- SHA1
  
  449f8a41edbd7e044b7f72c5490f12495c76642b
- SHA256
  
  0c35263f6a4b83dd522bda60fe30e07eb3a6ef3619c8061c578a603bc1aecb61
- SHA512
  
  8468c96ab0e2cdd1b5924a63162a87113bddb8b8c2b20fcf14528a5a6fac190d42d80aeb82400d45ebedd328d5c66d8bab3287607b57253e1ec0a761b9b05ffb
- SSDEEP
  
  49152:3vZI22SsaNYfdPBldt698dBcjHX0aDo+boGdXTHHB72eh2NT:3va22SsaNYfdPBldt6+dBcjHEaDoO
Score

10^/10

quasar office04 spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

quasaroffice04spywaretrojan

behavioral2

quasaroffice04spywaretrojan

© 2018-2024

Terms | Privacy