General
Target: http://103.30.76.56:8000
Sample: 231116-ygzqhsfa53
Score: 10/10
Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
Sample: http://103.30.76.56:8000
Resource: win10v2004-20231025-en
17 signatures, 150 seconds
Malware Config
Extracted
Family: quasar
Version: 1.4.1
Botnet: Office04
C2: 45.32.119.154:4782
Mutex: 54a78e9b-95fb-449b-9a22-c22b0cb9bedb
Attributes:
  encryption_key: 8D3F702A8D4FBFC89815720AB5EE7FFAA0B223D6
  install_name: Client.exe
  log_directory: Logs
  reconnect_delay: 3000
  startup_key: Microsoft System Run
  subdirectory: SubDir
Targets
Target: http://103.30.76.56:8000
Score: 10/10
- Quasar payload
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL