General
Static task
static1
URLScan task
urlscan1
Malware Config
Extracted
Family
quasar
Version
1.4.1
Botnet
SynapseX
C2
espiny-38468.portmap.host:38468
Mutex
987e6177-8b62-48ea-8ca9-c699971b74ba
Attributes
-
encryption_key
C7EC88A5CCB59BD73EF3F7D4787818BE89C06664
-
install_name
Boot 10.5.exe
-
log_directory
Windows Logs
-
reconnect_delay
3000
-
startup_key
Windows 10 Boot
-
subdirectory
Windows 10 Boot
Targets
-
-
Quasar payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops file in System32 directory