quasar | 8eeb7a8c26548c7779ebb2c0af82cdeac5f4058fc3149ecbd4c08ccd89c0359a | Triage

Submit
Reports

Overview

overview

Static

static

3

implant.exe

windows11-21h2-x64

Sharing

General

Target

implant.exe
Size

1.8MB
Sample

240618-j632xayfnm
MD5

233a48808dd0c288bd76414092e4a9d5
SHA1

6503cde3ed01cafacb9c8fa1f0dcc3d339ed08ae
SHA256

8eeb7a8c26548c7779ebb2c0af82cdeac5f4058fc3149ecbd4c08ccd89c0359a
SHA512

0d49b07d36ff194fa8d47c54b14e55933d5c55bfad8caab58749d06f81014a524cdd0bd4a5003a66d2c9092f7abd72e62ee410110c8cfb6379419c5e5c7324ba
SSDEEP

24576:4jkSAn8Q8S4+MUUOOXXao1GiajDu1mf/NRR/VIH06iy9FMB47:45AN/40Ho1Nal3ZdIU6isP

Score

10^/10

quasar office04 spyware trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

implant.exe

Resource

win11-20240508-en

quasar office04 spyware trojan

windows11-21h2-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Office04

C2

127.0.0.1:4782

Mutex

b04ba2ce-b74d-409a-9f5c-bdaffe1644ec

Attributes

encryption_key
3C410D3A0BD1E76F9F4B11AD742F61FAE2E183E6
install_name
Client.exe
log_directory
Logs
reconnect_delay
3000
startup_key
Quasar Client Startup
subdirectory
SubDir

Targets

- Target
  
  implant.exe
- Size
  
  1.8MB
- MD5
  
  233a48808dd0c288bd76414092e4a9d5
- SHA1
  
  6503cde3ed01cafacb9c8fa1f0dcc3d339ed08ae
- SHA256
  
  8eeb7a8c26548c7779ebb2c0af82cdeac5f4058fc3149ecbd4c08ccd89c0359a
- SHA512
  
  0d49b07d36ff194fa8d47c54b14e55933d5c55bfad8caab58749d06f81014a524cdd0bd4a5003a66d2c9092f7abd72e62ee410110c8cfb6379419c5e5c7324ba
- SSDEEP
  
  24576:4jkSAn8Q8S4+MUUOOXXao1GiajDu1mf/NRR/VIH06iy9FMB47:45AN/40Ho1Nal3ZdIU6isP
Score

10^/10

quasar office04 spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

quasaroffice04spywaretrojan

© 2018-2024

Terms | Privacy