Resubmissions

11/01/2024, 16:50

240111-vb8vfsbegm 10

11/01/2024, 16:45

240111-t9fqwsccd5 10

General

  • Target

    pcbooster.exe

  • Size

    3.4MB

  • MD5

    5fae96a9a0f8a934d8fc56ede3b30ad7

  • SHA1

    e04a96b9de1c31f32ab1f2d32cd0e3f003b6df0a

  • SHA256

    920ae043ad00115f54ea6d7b8a30b9768d6242c513a408dcbded137d308dd834

  • SHA512

    95c91d8a12fa319fc5a9476e215192e916b5ebbcaa3c5e835d233f86d613a29ba1a6f38ed7ab834e4ab9b46973509c47c0dc3b1d467f215b4b81be403b1bc0f6

  • SSDEEP

    49152:GvjI22SsaNYfdPBldt698dBcjHcx4oHrfQvJcZoGd0AzTHHB72eh2NT:Gvc22SsaNYfdPBldt6+dBcjHYXfVEA

Score
10/10

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

pcbooster

C2

pcbooster.hopto.org:4782

Mutex

187767b0-8705-4028-a3a1-471aa7bda4f5

Attributes
  • encryption_key

    64B6EEBB3B20A5053B02DBB9AEC41BF6FA634758

  • install_name

    manager.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Windows User

  • subdirectory

    Microsoft Software

Signatures

  • Quasar family
  • Quasar payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • pcbooster.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

