QuasarRAT - Indicators of Compromise

https://mnoledglin.top/cgi-contents/uizbfzgbzsevdbsrfnfservvfhbrjvrnbegjngbvfneevffgwmvnf/ehfbsdf.exe
https://github.com/OutsidePantherPucker/shngmkfy/releases/download/urgant/123.exe
http://147.45.79.74:5001/client.exe
http://132.243.173.111:3000/aIg.exe
http://132.243.173.111:3000/aIg.exe.88
http://132.243.173.111:3000/aIg_173_55.zip
http://132.243.173.111:3000/start_qsr.ps1
http://132.243.173.111:3000/aIg_173_55_2.zip
https://raw.githubusercontent.com/demarcusnofatherington420-a11y/ScriptInstaller/refs/heads/main/encrypted.hta
https://raw.githubusercontent.com/demarcusnofatherington420-a11y/ScriptInstaller/refs/heads/main/WindowsLogonService.bat
https://raw.githubusercontent.com/demarcusnofatherington420-a11y/ScriptInstaller/refs/heads/main/DetectionRateTesting.hta
https://raw.githubusercontent.com/demarcusnofatherington420-a11y/RickOwens/refs/heads/main/encrypted.hta
https://especially-acrobat-rouge-dominant.trycloudflare.com/go.bat
https://epgoldsecurity.com/ShadoClient.exe
https://epgoldsecurity.com/ShadowClient.exe
http://192.177.26.196/files/8525074840/yxPIfd2.msi
http://192.177.26.196/files/8525074840/mdOjagm.bat
http://158.94.208.168/files/8042875554/QxknRPs.exe
http://196.251.107.24/q8348.exe
http://62.60.226.97:5553/saloreap.exe
http://158.94.208.7/files/8012574236/eIXHiiV.exe
http://158.94.208.7/files/8012574236/4aMmUA4.exe
http://158.94.208.7/files/1781548144/okR3iq0.exe
http://158.94.208.7/files/8635093259/TUzr0QP.exe
http://196.251.107.24/v4343.exe
http://158.94.208.7/files/8548282130/O43GJVa.exe
http://158.94.211.222/files/7942715918/1SbgglW.exe
http://158.94.211.222/files/7942715918/otRD45B.exe
http://158.94.211.222/files/8548282130/trP9KGI.exe
http://158.94.211.222/files/8548282130/trP9KGI.bat
https://raw.githubusercontent.com/evilgrou-tech/drive/refs/heads/main/launcher.bat
https://raw.githubusercontent.com/evilgrou-tech/drive/refs/heads/main/PZ-Reversals.ps1
https://raw.githubusercontent.com/evilgrou-tech/drive/refs/heads/main/forex.ps1
https://raw.githubusercontent.com/Administrator-hub/Data.Uploads/refs/heads/main/doiidieraupload.txt
http://130.12.180.43/files/7044575709/yQcmXNb.exe
http://91.232.103.250/cs2.exe
http://bmh-global.myfirewall.org/WORDS.exe
http://94.154.32.195/killxd.bat
https://94.154.32.195/killxd.bat
https://roverbot.info/killxd.bat
http://roverbot.info/killxd.bat
http://91.232.103.250/quasar.exe
http://91.232.103.250/color.exe
http://130.12.180.43/files/6260748665/SJlwfe0.exe
http://130.12.180.43/files/1773787694/RMnsgES.exe
http://floneimf.ydns.eu/webcontents/drsgtsrhydtesrtshtigushdfhsdufhuhdsfrgsthfxh/ibKUVSEfbgrnsrkgtsdzthsftgzhthsthsfg/contents.exe
http://130.12.180.43/files/6075866260/44NoKFh.exe
http://vereasw.ydns.eu/CH1.exe
http://friendly.ydns.eu/CH1.exe
http://130.12.180.43/files/8546428528/EE7OeTn.exe
http://130.12.180.43/files/8546428528/IyVls5r.exe
http://130.12.180.43/files/7972786482/xwn3Zn2.exe
http://130.12.180.43/files/7972786482/Cia2O5x.exe
http://130.12.180.43/files/7538357236/XxpGuvc.bat
http://130.12.180.43/files/6719008056/LR0D6Rm.bat
http://130.12.180.43/files/8468434805/fKDnWbX.exe
http://ilovehosting1.com/1.bat
http://130.12.180.43/files/7972786482/6TsgDw4.exe
http://62.60.226.97:5553/formy.exe

2e6fbd142bd5622d2415adbb479d091d322e2f28e91ddc20e3f8b59a26b42a73
86ad203b4dfcd43bdc93bea91e9fc01b613e4fa755fcf3b298e8d1e74e168009
af4bf0887368a86ea9b3efc1c215c1e59c663de1288777b67246c4b641897bd3
5903092322871269cb4c72fd4bc706a7d7c6a12c4422e92d7729cb082a6013f8
1f2b22638ddb587f86f508aaffebc0f0eb1acdbcf783b92260e819d2be9cca2e
822d5678d27c0da20502968808cfa63ac4e3fdb58620fadfd0c9f4ccfe3a6625
91be91c391126d56488726e79c21e037fe31d0225ded2ab3647827a1caf4c466
4cd298a3197f1283ef907976ac01b387dc9a44c93432c3a900ba511f48c03523
4cf1a43a06108184d1ce4fd1c2dac70cdb98fdfb168e0949f84ce88a1e437a00
b6120aa7ee8cf2475648b7b8a287275e63e4a657b30694123ab8bf47463d5477
d24d7f47e5310f6c677c87815b935eb02d8b3ddc18a03f431dbda8dde82ab100
160c8b49da5574d0dca62e5e9393238b3bf1991662347aa29cea1325f5e7fc07
591724c3ba6313d16d21196d60230ed5ff414a50cfc6392c8a0afac25c64947d
efd1e9646641faebb9273e578cc09c0c87b6fef6164cb3e539a3750688a90bfe
bbfb1b5542f73bfd598e587ccab52da52ff59ff120708900a0a15484deaa18fa
4deebf56cf37840df28dcc8fbaaff10223300a0834f564aff2b89d3875abd900
ba8d38575e15f2a8a3c819d3f2e189acdf9249c99240236c8be4f96d7284530d
aadee5080f4b1f68d333c96fed75bf3d1fc2ccb72648c3f675d28ab1ceaa02f5
77193b76e7142383c2fb8f4c92891fa8eb0dd0f50ed206532ebd0abb93da9bc9
902d1dee3000361a49b22d81c52a410a3521e06dcfd5b1422f46a5c2c3f80191
9b6e31817b788e4f3c826ba9d3fe323112c4625cabd9950c15d8cea7bed95c10
7458c325a91844ae1794fd54ffbeb33e8196123065f84e6174aea7a38a6dabb9
730d9312762818104177fc76f9c9efd1a2207f294538001e441a8cbccbbcbf04
62f608d61b28702ca4adadd574f3761c79860bd08da402e3129ab19176f7da9a
1ba40977145dbff6f52243c28807e08847b5675f4e835bed557ed04ad37f40cd
7cc18c8995f128cd34217627dd67041d6ba798bcaf277a38c9eec3ae8b5389c5
2fc9ef9039962562c93ed50cc88d4a3347c7f40ef9d7bc264c44e471ac93eab7
0464caa1c45cb753db25a95a30ce0b6814650b6f839a07cf8c2afdc143de7216
007c13a26d76a1281519960109bbf040ebdf5c497b00d4ffe0d0ac417cd8d33b
00f1da323b1e36d3d24e3a06378dec95306971fdb7f1e1a760b079db39b96365
d3a49cdef256d313ae4245701b15a9767f208dbadbd18d9f36870b3829a9f91c
1059c634050e3695bd7a7cf3c2fe3c0ed47ebd80d6e45d0a0c0a9dedabc2aa09
07153220ad7f4acccdb8ddd3a64849cb263bbabb032c119ab71cc00fc49a9fde
a3b3c9e9c1c68df7a1902750cef695b9b5518f19c5ecbb8e3796f5b80468e361
c65fd4c218ee4f11072c79af6e6663c9694cf746fae75641b6b75db0ce7d555c
9ac1c1dba1be97cd28dd88c4c8b33a7cb08d7601157278e49433eb9b1c283cf0
13e7bfcc010ebce3f3a04fdcfda360dbce0167ed4c7a53dc06f68a93064aa424
f6edcb837b76ea1e1546d375ddcb69ef764d0c9fc9047c9261dd9d2e979a65cb
539f53d61ace3821e6b78f54600e7ee6b87b170de9d96ece7c152328ff0959d6
15407e60bc4a797fff022a8a21cb1274dda4fb3d004db15814f5f268d9bbfd66
8843a708f2855097f055047fb82be8a98a37b23f19406cea51c884b47aeb73a2
41d8fab23ed16f694865ecc8d83482bea0f154115ea95661137286cc946889fd
b63861302724e7076f82fd54af7105fb00c947eb797fac4485fe6c19501bb412
5f5f33d963ef205ea5ccf35dd75105c99572dba9ec8ed66d8268481ad56f274d
a8e9a8bebaf10e8238a75c1a2958a22b8fadc160de44857abe05def398fdd5e2
f5f0e52163104f81b6897b23284e625d9ddcab36751c1552b64a73004f824cf2
078cb93f2f55e14d90efd11536f642c9ed7cd1030369d1045418953c1d430604
befd43899d3fd6441ae166811caf6c71c5f28cded92b567562b5186d942e6cd2
8c3f86f92a95d2820f6173f18b2e0a7047cdddd835909f88ecafaee65a7011da
551b085148561aadc70d9868541944bc35c7bf2dd283c4fe4c142513f6aef50e
913a718ec5938abab66f81f08ed0d8d8dd141cfff630004dd9247b2f3170e58e
d3934da67f5f053a6c519e8116442339dd11f2b7c4727e6f915e1ea2e5181395
322f1fd8fe7bd2e929bd8ed40194d7ea64a13747cbb16060cfd848f7023c6a16
f137ebfc699dbff610cd6526a026a290d6cdd54b7aaa0c468a31a5e6cdcdce1b
9a874ff30b136bf77e1d0cab6763c00b2606ea465b228e2d4703e3bc939e01d0
aa8cc486de5d801e4631ae2315a70f0bc2540b63de1173364b7066bc750161ee
76e064c7de6abac06a5304555f9707f4c529e50b5a15a67f0accdb7750e53c14
168933cebaf756787ca837069024812e25b6c5af4f14f6c977daba5fce18daaa
0f6666d17eb4036b6a0170619b3e833a49287e4f34776b8242c02c8cb93b5210
00e6af4b4e3df4c09673e4492483f3cec7bb27b4565bdd112973fb4952ad897c
fcb77ddb165e5b556ae0685e404391b47e510fa50260847c73e8a56e0bd07991
279cffbda7c1a6ba3d06bebc931517b5a8df11c69a02e1dba63a023c2c79fd7e
5a0e7fd4d8cb6ad72c39b5c15803ed7ed4edb75aa91ee7ddd67c9b423792889f
7f480546f41135ae91207f59a20c596bc8e53007e1d769831333683d43f9f7b7
e67b2183d29858ca00445a85b172dfdab97b02d9eb0731daaf56cf485620ebc0
028da5b0071980940242531e9192ebbd4e1776bc1de65a72f8adb9d56771603b
d2d9ed0083fdee88c8883f42b90e5b5476d2fe2fc35ee6daa247e2e86385bc80
47cf6beeea87c5ebcae91218b17c4c0f52e6efd691e5ac77bef6978baae86fb2
ef19d077de5b50ab73032b103665a31a4cc4ae1832c9386f715429b6ec4c7c5a
b5b6a5431aac5ef2fd7ab06583a30d77d76c9d98e165d99773694d6c1a395bd8
dc2905b5e1cf7f50de6ae5e0996f97e02b4f6271c0fceda8fa8624c577cd11dc
94b3610234806a266b77b547e75ac4f364b2ffbabe1421a94fad5ff3b7207b9f
1e49e5f2d02d715b5e77edc22c6e738306d27b0151e7a8c33ad6ad192617b975
b11b82e5cf984a4b507b0ee247460017f882a30e9d0051cc85246e0f2758a301
9703a4c17ec31daea75aed1039caab89444337a645968c181c738c49595c868f
da231f0ce2a812ce1ccffcd84d660d2b19ad106673dea3929364566ebeb65746
59b1dad8d2dbbd30536fab62c00589ee861edc365a0cb93c400b97150e4abf75
84e44959d7c5d545c17f4c874718296a4ed30436521690fd53c79ab662083445
1b3577d4ef4e553995842f1feae47df6fce2a1e77893dbea2ce5a5135f248507
eaa88387f08ecfa568dc2f70e477c0aa46d6a9443ec383063d12fd7c7e715502
2e9892827c1b83c1421c7f6cd806bed9f8dfd424607844e55b57d97e3b42ce58
efe82e4361366e5bea41353ab9b3c97ad29b2b8792cf2f0faf9f457f7c0ad833
15a403882bbe98cc3b5a1556455a067081ebf7a014e8e7dd4ffb7c6a25fcefd1
8f0da210c208c56bd11bad404752f2a5cb1ad79ea42e34f83f5b605b65d60c1f
d73c7447308464240a6e4dbec7d57156b0ce1d98f63f92e00a408f39ca04aff1
3b16f98ebdbe6b3a333a0908d6eec33c754ba9028935fe17b8b02d9975b4616f
4f64aa9ec86fdc36919d7dcb5f1bb095b7e3211d90532b5384d5c1b220186166
40cf8d5cabb6458fa499749d468b227e002c145aa7acbb24ae371be9328ee7d5
a08cdda2d228917af29c34912fe516cc68f280c730158147832b1c9d83e2b703
6a3ca2af5a54ddb0c63182cc25ac4f9a4542be30cf7d9c11173b755e467fb39e
2607e5958a006f03897c827bc244076aeaf987b018185122c65d181bfc925daf
7b50a77b13d232c264a0b2e0ade31332289b641637113f80677934f1bca688cb
ce59916ff52c012f87342f2ec7937f85e7f13fc72d37f077c2e0ea6d4ce01a07
e9bf8b0cc4f99ab868fbdbf3e90a6adcb867a7041f6201007a7844414ba0cc55
70eae1c2d854c64b120079ad58a824f13a7178886107ebaa2d804a5999963161
6029a278d4c0525bd9aaa754fcfb9c3c6b652249a26ff4592b42b9a9434d5d60
4259fab18ffddd4b40ca3097ddcf8a08d11c05717f975c50925d5670c0272ef2
ee47323ef7a520b254b12a6ca6fbe0c5f3196618e183c083c0e6512252ac7f30
a44fd6518013d5ea59142ddefbcb835dcd3fb2bd671f19fb59fca75f85dbab45
59057eb3a372cf2cd76e9bc534d64c44138b11f846b907ff8befcadba5fac988
d6a46b51dae39f549563ebe0b5ea1ae70082dc26385b45d661ad6bfca384cc8d
d856336054b054ee4b6aed66226e90dfca9a236e93012360b34001e75cf58693
e647d4b39860c00a49582b85d71507c556c23f618deaf6b5674326c665c12d6d
6195c2773a6b83f55aa9328638a601fb10a61c63c0b618e159c0f35082b11ecb
65f89942f20de3e5a32c37c38817e494dc139107a6abf4fdd1a9e52d7f40b053
a8db212713ae89c65692675a67f7ed7a9309b714d62f22f78286a075ff8bc52a
3b82b24a851210b94f8db3db951b4a3a0ee48438c36f8c845827ef4bd67d1760
047e637b1a13399fcd898b76dffa736e9644b041f35bf390c1c6cf302e6381eb
e34fed678302c144ab655ebfb54a2493551266bfdf66fd35c7e85c3c6000b592
abba492096dc11f66969609fd9fd12775f41c2117d1e9011d02ddcac11e9bbfc
d2e62ae95bb3b29044db0ee7f88c6c3a9839e6dceb41284214cf5b821bd268d0
585c1c3e0c92f1ded8d57fc754c884b0cc59fb918753f1bc46387284dc5df079
525f29f1529cd9dfcba262b012e9170e32b4ddb184e1367e2d503733710b5ca2
8df4cc8b9c69f45705eca485d0b21593995aaca8d86e4c6d2a692a06b576aebb
bec11fac7d2d7ab89aa30d81f2011c0de29647dde7098dc9aca72129bebb9896
78b94a7b9317cd36681d32daa672d072c7ee91f8d4a049834bd9ad5a8a0f01f8
3b26ce148913d262afb47286ff168053598036121a560f77e585d42628a8eeae
ee099bf393e389aa3bee9310c2d8b3dfd9b66df71a22a40574583555ad7261dc
7e076c82e891f6cc0bff69929c87259a24380b2cfbd893330d68174140aab3a1
7dd13cc4436b6ab1ca1a1ff321d11836f666e9e7bf0532db35833db799ffd336
07f86311a3fb9a91265e0874a162bba01c58c795a9c5c909484d9448a0dff4dc
8fa996aa98960834f1b64f07948d4d989715b7a39074081ee3b773a384926ca8
aeaea1fb6584e08b536a83866f2dfbf28b343098bf9c186c9b75642a60867ed8
26f9bb2c2450b7b10a5e56d760c3ab2c372f225d60456e32f4c25ee779be04b9
9469c0ecb56d97235377a1ef66799767e5c437e1c933a070276468cf47d1228a
7d9b565d51db33717821737a374b450beb95ccefe0905e9cc50260a8250b0d7c
2fe91ae0e4839ae3fb202495f0ab07bdd08c0f06209de131a1660d9a0c834836
18a1f4ed77c4b109d3bddf21854abc26376f8846d7d43af248e44341fab7012d
67f8d4097eb2a5294526c5991ec6c021ae5c23292bee25265ca6622e35ffb203
178f2fc720bda22645ce68e6e68e4a2ddfedbb59e2c4163171652a27f0db5bca
2d22c06b34bc0cd6aa01b638446526af9b043d146034f1ed9fa9b049133f1027
2f810da956fed7faf74c8ce2cf65638ccdaa92b282dc7492592d7aedce280c44
dc807e98a912e76bb17b82f71b21ae50375f3575316ba3751e733f1f35d537b3
8853de0df86223a9a810815f82167dd9970b934d7c0ef6b53b6d913c9fbc43ec
0de8543897c9b92326c552911780ac07e2972f50fa452cbc348f7303aea5b09f
62422d922905d43ae0ca2917f7b6f95a539f3e477e084430aa643f0069b0054c
e0c0ff1a67b4aef85616887a3dc62612a20d599a7315fc29eacec29c8306783b
a0dfd88d6209e14c971713ccee2c6b4dd1dfd5eae40fd894e43917c41f456103
32f152ba15f960c54be6fa2ebaeadcb20211ae5aef0d3986dedc2578a7dc38a2
d93f7cb5d7e03bdc168bcf05ca7e1fdeb46f6c9d56c1b7508912db0e4ac0f45f