General
-
Target
http://filebin.net/xsp1z28x3jd2rs6q
-
Sample
250116-w6bnwatnbp
Score
10/10
Malware Config
Extracted
Family
quasar
Version
1.4.1
Botnet
Victim1
C2
webidir878-46130.portmap.io:46130
Mutex
5ff91f17-6fe8-4425-82f9-6366b46724f7
Attributes
-
encryption_key
D27C71C70169CF875C0BE80E2DC822FBE56B1109
-
install_name
Chrome.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Google Chrome Setup
-
subdirectory
Google
Extracted
Family
quasar
Version
1.4.1
Botnet
Office04
C2
10.127.0.48:4782
Mutex
9b225906-1617-49ef-bb3a-e8f6ef2a81c1
Attributes
-
encryption_key
1B774F3185F3A42FCDB51EF7371C864A93FF4A01
-
install_name
Chrome.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Google Chrome
-
subdirectory
Google
Extracted
Family
quasar
Version
1.4.1
Botnet
sfdih
C2
10.127.0.48:4782
Mutex
7c2c56df-01fe-4a99-8343-64e9423c0c42
Attributes
-
encryption_key
1B774F3185F3A42FCDB51EF7371C864A93FF4A01
-
install_name
Chrome.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Google Chrome
-
subdirectory
Google
Targets
-
-
Target
http://filebin.net/xsp1z28x3jd2rs6q
Score10/10-
Quasar RAT
Quasar is an open source Remote Access Tool.
-
Quasar family
-
Quasar payload
-
Executes dropped EXE
-