quasar | 63755f46f6f2cb7385163dce5e872ec45aad248c936e3e2bf762224bed7dee89 | Triage

Submit
Reports

Overview

overview

Static

static

start.exe

windows10-2004-x64

Sharing

General

Target

start.bat
Size

409KB
Sample

240701-2xpr2ayepr
MD5

4d5c83242f9d8a68a312c797420bc7f1
SHA1

2d63d539f1d359ab6915f57dcdc51941a5d5e962
SHA256

63755f46f6f2cb7385163dce5e872ec45aad248c936e3e2bf762224bed7dee89
SHA512

9f8772838eda6a3b58204aca0d2f6a8a73bb99591e78d5a7fb8a06c7c4bc3e528ad25b8f625d7fedbf94fb1967bc51f6bef1d0c8ab896b4a30905e4515610a6d
SSDEEP

12288:Ipg6M1iH0PHaTOs8BxmuCUUwuHsK6q7XpJP:QxqidTOsONCOmsK6qdB

Score

10^/10

quasar seroxen spyware trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

start.exe

Resource

win10v2004-20240508-en

quasar seroxen spyware trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

quasar

Version

3.1.5

Botnet

SeroXen

C2

hall-rpm.gl.at.ply.gg:54746

Mutex

$Sxr-GV6wZsGZZMeZ3qfenc

Attributes

encryption_key
rF1nlsgEFCr3XbMRmPLx
install_name
Client.exe
log_directory
Logs
reconnect_delay
1
startup_key
Update
subdirectory
SubDir

Targets

- Target
  
  start.bat
- Size
  
  409KB
- MD5
  
  4d5c83242f9d8a68a312c797420bc7f1
- SHA1
  
  2d63d539f1d359ab6915f57dcdc51941a5d5e962
- SHA256
  
  63755f46f6f2cb7385163dce5e872ec45aad248c936e3e2bf762224bed7dee89
- SHA512
  
  9f8772838eda6a3b58204aca0d2f6a8a73bb99591e78d5a7fb8a06c7c4bc3e528ad25b8f625d7fedbf94fb1967bc51f6bef1d0c8ab896b4a30905e4515610a6d
- SSDEEP
  
  12288:Ipg6M1iH0PHaTOs8BxmuCUUwuHsK6q7XpJP:QxqidTOsONCOmsK6qdB
Score

10^/10

quasar seroxen spyware trojan
- Quasar RAT
  Quasar is an open source Remote Access Tool.
  trojan spyware quasar
- Quasar payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

quasarseroxenspywaretrojan

© 2018-2024

Terms | Privacy