Skip to content

Hide Navigation Hide TOC

Quser (7b78eb31-f251-493b-8058-14a3452e8ccc)

According to joint Cybersecurity Advisory AA23-250A (September 2023), Quser is "a valid program on Windows machines that displays information about user sessions on a Remote Desktop Session Host server".[U.S. CISA Zoho Exploits September 7 2023]

Cluster A Galaxy A Cluster B Galaxy B Level
BianLian Ransomware Group (a2add2a0-2b54-4623-a380-a9ad91f1f2dd) Tidal Groups Quser (7b78eb31-f251-493b-8058-14a3452e8ccc) Tidal Software 1
Volt Typhoon (4ea1245f-3f35-5168-bd10-1fc49142fd4e) Tidal Groups Quser (7b78eb31-f251-493b-8058-14a3452e8ccc) Tidal Software 1
UNC961 (e47b2958-b7c4-4fe1-a006-03137db91963) Tidal Groups Quser (7b78eb31-f251-493b-8058-14a3452e8ccc) Tidal Software 1