General
Target
http://atomic.raxter.wtf
Sample
230811-21e21abb3x
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://atomic.raxter.wtf
Resource
win10v2004-20230703-en
13 signatures
150 seconds
Malware Config
Extracted
Family
quasar
Version
1.4.1
Botnet
AtomicPremium
C2
raxterlmao-44943.portmap.host:44943
Mutex
e19df553-4828-4912-933c-2f24cd208360
Attributes
encryption_key
6182F93E5C07788808CC09B7556BD53F41124A76
install_name
Win10.5.exe
log_directory
Windows Logs
reconnect_delay
3000
startup_key
GoogleChrome
subdirectory
Win10.5
Targets
Target
http://atomic.raxter.wtf
Score
10/10
Quasar payload
Downloads MZ/PE file
Executes dropped EXE