QuasarRAT | Tool Detail

Description

[QuasarRAT](https://attack.mitre.org/software/S0262) is an open-source, remote access tool that has been publicly available on GitHub since at least 2014. [QuasarRAT](https://attack.mitre.org/software/S0262) is developed in the C# language.(Citation: GitHub QuasarRAT)(Citation: Volexity Patchwork June 2018)

External References

Techniques Used by This Tool

T1005 — Data from Local System
T1016 — System Network Configuration Discovery
T1021.001 — Remote Desktop Protocol
T1033 — System Owner/User Discovery
T1053.005 — Scheduled Task
T1056.001 — Keylogging
T1059.003 — Windows Command Shell
T1082 — System Information Discovery
T1090 — Proxy
T1095 — Non-Application Layer Protocol
T1105 — Ingress Tool Transfer
T1112 — Modify Registry
T1125 — Video Capture
T1547.001 — Registry Run Keys / Startup Folder
T1548.002 — Bypass User Account Control
T1552.001 — Credentials In Files
T1553.002 — Code Signing
T1555 — Credentials from Password Stores
T1555.003 — Credentials from Web Browsers
T1564.001 — Hidden Files and Directories
T1564.003 — Hidden Window
T1571 — Non-Standard Port
T1573.001 — Symmetric Cryptography
T1614 — System Location Discovery

Tool: QuasarRAT

Description

External References

Techniques Used by This Tool

APT Groups Using This Tool