Stealthy Quasar Evolving to Lead the RAT Race
Common Information
Type Value
UUID 6e46acc0-8d10-4feb-be32-28d8df462561
Fingerprint bce4c18484c1ad30222a27a7036c487eaeb56044dbceb7b7131e2426de8310a1
Analysis status DONE
Considered CTI value 2
Text language
Published July 27, 2022, 2:57 p.m.
Added to db March 11, 2024, 7:33 p.m.
Last updated Aug. 31, 2024, 3:50 a.m.
Headline Stealthy Quasar Evolving to Lead the RAT Race
Title Stealthy Quasar Evolving to Lead the RAT Race
Detected Hints/Tags/Attributes 222/4/75
Attributes
Details Type #Events CTI Value
Details Domain 95
ip-api.com
Details Domain 129
api.ipify.org
Details Domain 5
qualys.com
Details Domain 1
carlossosrepete.servecounterstrike.com
Details Domain 1
carsond5.hopto.org
Details File 2
client-built.exe
Details File 1
client-build.exe
Details File 4
mal.exe
Details File 2126
cmd.exe
Details File 99
passwords.txt
Details File 533
ntdll.dll
Details File 14
notepad++.exe
Details File 1260
explorer.exe
Details File 53
adfind.exe
Details File 1122
svchost.exe
Details File 61
systeminfo.exe
Details File 1
mawkdixdwkc5.exe
Details File 30
shutdown.exe
Details IPv4 1
10.113.107.202
Details IPv4 1
10.113.107.227
Details IPv4 11
23.216.147.64
Details MITRE ATT&CK Techniques 235
T1562
Details MITRE ATT&CK Techniques 333
T1059.003
Details MITRE ATT&CK Techniques 125
T1555.003
Details MITRE ATT&CK Techniques 130
T1573.001
Details MITRE ATT&CK Techniques 492
T1105
Details MITRE ATT&CK Techniques 118
T1056.001
Details MITRE ATT&CK Techniques 550
T1112
Details MITRE ATT&CK Techniques 160
T1021.001
Details MITRE ATT&CK Techniques 275
T1053.005
Details MITRE ATT&CK Techniques 1006
T1082
Details MITRE ATT&CK Techniques 89
T1552.001
Details MITRE ATT&CK Techniques 239
T1106
Details MITRE ATT&CK Techniques 310
T1047
Details MITRE ATT&CK Techniques 180
T1543.003
Details MITRE ATT&CK Techniques 160
T1027.002
Details MITRE ATT&CK Techniques 32
T1036.003
Details MITRE ATT&CK Techniques 86
T1055.012
Details MITRE ATT&CK Techniques 97
T1497.001
Details MITRE ATT&CK Techniques 433
T1057
Details MITRE ATT&CK Techniques 141
T1518.001
Details MITRE ATT&CK Techniques 585
T1083
Details MITRE ATT&CK Techniques 501
T1012
Details MITRE ATT&CK Techniques 152
T1056
Details MITRE ATT&CK Techniques 219
T1113
Details MITRE ATT&CK Techniques 534
T1005
Details MITRE ATT&CK Techniques 159
T1095
Details MITRE ATT&CK Techniques 48
T1529
Details MITRE ATT&CK Techniques 32
T1125
Details Threat Actor Identifier - APT 278
APT10
Details Threat Actor Identifier - APT 181
APT33
Details Windows Registry Key 188
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Details Windows Registry Key 5
HKLM\SOFTWARE\Policies
Details Windows Registry Key 44
HKLM\SOFTWARE\Policies\Microsoft\Windows