| gptkbp:instanceOf | gptkb:Remote_Access_Trojan |
| gptkbp:alsoKnownAs | gptkb:Quasar |
| gptkbp:author | gptkb:MaxXor |
| gptkbp:category | gptkb:Remote_Administration_Tool, gptkb:malware |
| gptkbp:detects | gptkb:Kaspersky, gptkb:security, gptkb:Symantec, gptkb:Microsoft_Defender |
| gptkbp:encryption | TLS |
| gptkbp:features | file transfer, remote desktop, process management, command execution, keylogging, password stealing |
| gptkbp:firstReleased | 2014 |
| gptkbp:license | gptkb:GPLv3 |
| gptkbp:maliciousUse | gptkb:audio_recordings, surveillance, command and control, data exfiltration, spying, persistence, system control, credential theft, screenshot capture, file system access, webcam access, lateral movement, ransomware delivery, privilege escalation, remote shell, clipboard monitoring |
| gptkbp:notableBattle | used in cyber espionage campaigns, used in financial malware campaigns |
| gptkbp:openSource | true |
| gptkbp:operatingSystem | gptkb:Windows |
| gptkbp:persistenceMechanism | registry modification, scheduled tasks |
| gptkbp:platform | gptkb:.NET_Framework |
| gptkbp:programmingLanguage | gptkb:C# |
| gptkbp:repository | https://github.com/quasar/Quasar |
| gptkbp:supportsProtocol | gptkb:HTTP, gptkb:TCP, HTTPS |
| gptkbp:usedBy | cybercriminals, APT groups |
| gptkbp:bfsParent | gptkb:APT33 |
| gptkbp:bfsLayer | 6 |
| https://www.w3.org/2000/01/rdf-schema#label | QuasarRAT |