General
Target: https://github.com/bryv2/infinity-5.3
Sample: 241201-2hkjrszper
Score: 10/10

Static task: static1
URLScan task: urlscan1

Behavioral task: behavioral1
Sample: https://github.com/bryv2/infinity-5.3
Resource: win10ltsc2021-20241023-en
Platform: windows10-ltsc 2021-x64
22 signatures
300 seconds

Behavioral task: behavioral2
Sample: https://github.com/bryv2/infinity-5.3
Resource: win11-20241007-en
Platform: windows11-21h2-x64
7 signatures
300 seconds
Malware Config
Extracted
Family: quasar
Version: 1.4.1
Botnet: TikTok Botter
C2: 4.tcp.eu.ngrok.io:10781
Mutex: 2f3a73af-e8d9-474e-9799-670ba23d2c88
Attributes
encryption_key: 9E9F28DD4D44C0EAD985E1FC05A096E1EB2480CA
install_name: TikTok Botter.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: TikTok Botter services
subdirectory: SubDir
Targets
Target: https://github.com/bryv2/infinity-5.3
Score: 10/10
Quasar family
Quasar payload
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2