QuasarRAT2
QuasarRAT .NET 2014 MaxXor. prick.exe. SysWhispers v2 AV bypass. GoUWUjY mutex. PEB walking. amyuni driver download.
Threat Profile
Type: RAT
Programming Language: C#/.NET
C2 Protocol: TCP
First Seen: 2019
Targets
Global
Purpose / Capabilities
- Remote Access + Credential Theft
No C2 servers have been identified for this family yet.
Research Reports (2)
QuasarRAT -- prick.exe, SysWhispers Syscall Evasion, GoUWUjYDy3LdrRBqOBOiR9 Mutex | High
QuasarRAT 920KB prick.exe. SysNtQuerySystemInformation2 SysWhispers v2. GoUWUjYDy3LdrRBqOBOiR9 mutex. _PEB_LDR_DATA hidden import.
Read Report →
QuasarRAT 2 -- prick.exe 920KB, SysNtQuery Syscall Obfuscation, F2173046 AES, Chrome Cookie | Critical
QuasarRAT2 prick.exe 920KB. SysNtQuerySystemInformation2 syscall obfuscation. F2173046D565 AES hex key. GetCookies lambda.
Read Report →