Overview

overview

10

Static

static

1

URLScan

urlscan

https://github.com/q...

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://github.com/quasar/Quasar

  • Sample

    240628-bbcmgavbrk

Score
10/10
quasaracrobat readerspywaretrojan

Malware Config

Extracted

Family

quasar

Version

1.4.1

Botnet

Acrobat reader

C2

10.127.0.202:4782

Mutex

63c9b5c7-6d7a-4724-98d1-4522c9211124

Attributes
  • encryption_key

    869EB325210460AF4DCAB32B28348C15279D6AEC

  • install_name

    Reader.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    oMtCMngr

  • subdirectory

    Pdf Reader

Targets

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

Scheduled Task/Job

1
T1053

Scheduled Task

1
T1053.005

Persistence

Scheduled Task/Job

1
T1053

Scheduled Task

1
T1053.005

Privilege Escalation

Scheduled Task/Job

1
T1053

Scheduled Task

1
T1053.005

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

3
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks