General

  • Target

    http://atomic.raxter.wtf/app.exe

  • Sample

    230811-2h7pasba3w

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

testing 1

C2

raxterlmao-44943.portmap.host:44943

Mutex

af34e96d-c909-43b5-8639-c7f6ffa8c898

Attributes
  • encryption_key

    6182F93E5C07788808CC09B7556BD53F41124A76

  • install_name

    Win10.5.exe

  • log_directory

    Windows Logs

  • reconnect_delay

    3000

  • startup_key

    Windows 10.5 Boot

  • subdirectory

    Win10.5

Extracted

Family

quasar

Version

1.4.1

Botnet

AtomicPremium

C2

raxterlmao-44943.portmap.host:44943

Mutex

e19df553-4828-4912-933c-2f24cd208360

Attributes
  • encryption_key

    6182F93E5C07788808CC09B7556BD53F41124A76

  • install_name

    Win10.5.exe

  • log_directory

    Windows Logs

  • reconnect_delay

    3000

  • startup_key

    GoogleChrome

  • subdirectory

    Win10.5
