ioc[.]one - OSINT Cyber Threat Intelligence Database

Attack Activities by Quasar Family - JPCERT/CC Eyes

Tags

country:	Japan
attack-pattern:	Data Ip Addresses - T1590.005 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Connection Proxy - T1090

Show in Graph

Common Information

Type	Value
UUID	f442c4f9-b920-4da5-8b9d-c78a59153cc7
Fingerprint	dc0018e3cff3b0cf
Analysis status	DONE
Considered CTI value	2
Text language
Published	Dec. 10, 2020, midnight
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 17, 2024, 7:44 p.m.
Headline	JPCERT/CC Eyes
Title	Attack Activities by Quasar Family - JPCERT/CC Eyes
Detected Hints/Tags/Attributes	46/2/22

Source URLs

	Redirection	Url
Details	Source	https://blogs.jpcert.or.jp/en/2020/12/quasar-family.html

URL Provider

Details	Provider	Source level domain
Details	jpcert.or.jp	blogs.jpcert.or.jp

Attributes

Details	Type	#Events	Value
Details	Domain	4127	github.com
Details	Domain	46	jsac.jpcert.or.jp
Details	File	1	jsac2020_0_jpcert_en.pdf
Details	Github username	7	quasar
Details	Github username	1	wearelegal
Details	Github username	1	pavitra14
Details	Github username	1	q-strike
Details	Github username	1	netskyes
Details	Github username	9	nyan-x-cat
Details	IPv4	12	1.3.0.0
Details	IPv4	31	2.0.0.0
Details	IPv4	17	1.1.0.0
Details	Threat Actor Identifier - APT-C	16	APT-C-09
Details	Threat Actor Identifier - APT	278	APT10
Details	Threat Actor Identifier - APT	181	APT33
Details	Url	3	https://github.com/quasar/quasar
Details	Url	1	https://github.com/wearelegal/cinarat
Details	Url	1	https://github.com/pavitra14/xtremis-v2.0
Details	Url	1	https://github.com/q-strike/quasarstrike
Details	Url	1	https://github.com/netskyes/rsmaster
Details	Url	4	https://github.com/nyan-x-cat/asyncrat-c-sharp
Details	Url	1	https://jsac.jpcert.or.jp/archive/2020/pdf/jsac2020_0_jpcert_en.pdf