Quasar virus is a Remote Access Trojan (RAT) that is often abused by cybercriminals to take remote control over users’ computers for malicious purposes. Exploiting a path traversal vulnerability of WinRAR, a Molerats spear-phishing campaign is discovered. It is suspected that a Gaza Cybergang group is behind the campaign. In the first step, the victim installs a downloader in their operating system which then gets infected with a RAT (Quasar). The downloader typically first tries to connect to a geolocation domain and then the RAT is downloaded.