QuasarRAT

GPTKB entity

Statements (52)
Predicate | Object
gptkbp:instanceOf | Remote Access Trojan
gptkbp:alsoKnownAs | gptkb:Quasar
gptkbp:author | gptkb:MaxXor
gptkbp:category | gptkb:Remote_Administration_Tool; malware
gptkbp:detects | gptkb:Kaspersky; gptkb:security; gptkb:Symantec; gptkb:Microsoft_Defender
gptkbp:encryption | TLS
gptkbp:features | file transfer; remote desktop; process management; command execution; keylogging; password stealing
gptkbp:firstReleased | 2014
https://www.w3.org/2000/01/rdf-schema#label | QuasarRAT
gptkbp:license | gptkb:GPLv3
gptkbp:maliciousUse | audio recordings; surveillance; command and control; data exfiltration; spying; persistence; system control; credential theft; screenshot capture; file system access; webcam access; lateral movement; ransomware delivery; privilege escalation; remote shell; clipboard monitoring
gptkbp:notableBattle | used in cyber espionage campaigns; used in financial malware campaigns
gptkbp:openSource | true
gptkbp:operatingSystem | gptkb:Windows
gptkbp:persistenceMechanism | registry modification; scheduled tasks
gptkbp:platform | gptkb:.NET_Framework
gptkbp:programmingLanguage | gptkb:C#
gptkbp:repository | https://github.com/quasar/Quasar
gptkbp:supportsProtocol | gptkb:HTTP; gptkb:TCP; HTTPS
gptkbp:usedBy | cybercriminals; APT groups
gptkbp:bfsParent | gptkb:APT33; gptkb:Kali_Linux
gptkbp:bfsLayer | 6