Extracted

• • Target

    https://mega.nz/file/5mA1mIKR#ixf6HKrMhPjTwe7xdyNjXZFHsngSitbZQTOYxr_ZTfw

  Score

  10^/10

  babylonratquasarspywaretrojanupx

  • Babylon RAT

    Babylon RAT is remote access trojan written in C++.

    trojanbabylonrat

  • Quasar RAT

    Quasar is an open source Remote Access Tool.

    trojanspywarequasar

  • Quasar payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Suspicious use of SetThreadContext

  behavioral1