General
Target: https://github.com/quasar/Quasar
Sample: 240628-bbcmgavbrk
Score: 10/10
Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
Sample: https://github.com/quasar/Quasar
Resource: win10v2004-20240611-en
22 signatures
300 seconds
Malware Config
Extracted
Family: quasar
Version: 1.4.1
Botnet: Acrobat reader
C2: 10.127.0.202:4782
Mutex: 63c9b5c7-6d7a-4724-98d1-4522c9211124
Attributes
- encryption_key: 869EB325210460AF4DCAB32B28348C15279D6AEC
- install_name: Reader.exe
- log_directory: Logs
- reconnect_delay: 3000
- startup_key: oMtCMngr
- subdirectory: Pdf Reader
Targets
Target: https://github.com/quasar/Quasar
Score: 10/10
- Quasar payload
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2