Quasar3
QuasarRAT 2014 open source C#. prick.exe rough test name. DHwidFDFPwjuob mutex. SysNtQuery syscall EDR bypass. Encrypted credentials.
Threat Profile
Type
RAT
Programming LanguageC#/.NET
C2 ProtocolTCP
First Seen2014
Targets
Küresel
Purpose / Capabilities
- Remote Access
No C2 servers have been identified for this family yet.
Research Reports (1)
QuasarRAT -- prick.exe Kaba Adlı Binary, DHwidFDFPwjuob Mutex, SysNtQuery Syscall Anti-Debug | Orta
QuasarRAT 920KB prick.exe kaba gelistirici adi. DHwidFDFPwjuob mutex. SysNtQueryInformationProcess2 syscall anti-debug.
Read Report →