General

  • Target

    https://gofile.io/d/XUQ3Zo

  • Sample

    240517-srlczsdg4x

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

PoofNRico

C2

nahchris-49021.portmap.host:49021

Mutex

1a5d095f-2c59-4b3f-b053-5bd928b2e541

Attributes
  • encryption_key

    ADBAB4BC16998E7E1913E54C27829FE47C72BE6D

  • install_name

    PlutoBETAv2.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    DiscordUpdater.exe

  • subdirectory

    PlutoBETAv2

Targets

MITRE ATT&CK Enterprise v15

Tasks