Overview
overview
10
Static
static
samples/29...c1.dll
windows7_x64
10
samples/29...c1.dll
windows10-2004_x64
10
samples/62...e1.dll
windows7_x64
10
samples/62...e1.dll
windows10-2004_x64
10
samples/a1...60.dll
windows7_x64
10
samples/a1...60.dll
windows10-2004_x64
10
samples/a5...1b.dll
windows7_x64
10
samples/a5...1b.dll
windows10-2004_x64
10
samples/c5...a1.dll
windows7_x64
10
samples/c5...a1.dll
windows10-2004_x64
10
Resubmissions
22-03-2022 23:09
220322-25f5vsgbal 10
22-03-2022 23:06
220322-23jszagagl 10
22-03-2022 22:56
220322-2wzkvabec4 10
21-03-2022 22:58
220321-2yaphaacdj 10
21-03-2022 22:51
220321-2s588aaccp 10
21-03-2022 22:45
220321-2pm88sdhe9 10
21-03-2022 22:34
220321-2hctxsacbn 10
21-03-2022 22:26
220321-2cmf6sdhd3 10
General
-
Target
quakbot.7z
-
Size
427KB
-
Sample
220322-2wzkvabec4
-
MD5
c0b75294a98827d61f418d68603b6d3d
-
SHA1
99916743849daaff39ff1ea8cc4c3f7feb9a7ab1
-
SHA256
a0cf28c2aef66b9dc0538bdba509b2ba46b7abc3287f9e1dfa56fc55c210f15d
-
SHA512
faae41fcab08254f46cd93aa65fe94d4876a380b2928d1b9b76583a956139d7718d7fc192b99de58c5e2438c3550406fc368d75194fc5dff0d1c3cd80bddb22c
Static task
static1
Behavioral task
behavioral1
Sample
samples/29148f550d02cf98d89efb53f7137da28e91df43790f4fc052a0f405f99edcc1.dll
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
samples/29148f550d02cf98d89efb53f7137da28e91df43790f4fc052a0f405f99edcc1.dll
Resource
win10v2004-20220310-en
Behavioral task
behavioral3
Sample
samples/62b038f2dc2ab995d036930a2eaa5f2dc67fb0ab884459d3fa6df653eec307e1.dll
Resource
win7-20220311-en
Behavioral task
behavioral4
Sample
samples/62b038f2dc2ab995d036930a2eaa5f2dc67fb0ab884459d3fa6df653eec307e1.dll
Resource
win10v2004-20220310-en
Behavioral task
behavioral5
Sample
samples/a16db0d2025dff39a4a0de4071ce0e73c6810ab497453ad67c16ba0980385f60.dll
Resource
win7-20220311-en
Behavioral task
behavioral6
Sample
samples/a16db0d2025dff39a4a0de4071ce0e73c6810ab497453ad67c16ba0980385f60.dll
Resource
win10v2004-en-20220113
Behavioral task
behavioral7
Sample
samples/a5bc6aad1c3205857cf8d29058f8a5283bdc743b9965b5b5d2e69df9a9b6bb1b.dll
Resource
win7-20220310-en
Behavioral task
behavioral8
Sample
samples/a5bc6aad1c3205857cf8d29058f8a5283bdc743b9965b5b5d2e69df9a9b6bb1b.dll
Resource
win10v2004-en-20220113
Behavioral task
behavioral9
Sample
samples/c59d033fa3a58112f7520113699c74552c4d12bb10783fa880359ec94affe2a1.dll
Resource
win7-20220310-en
Malware Config
Extracted
Family: qakbot
Version: 401.51
Botnet: abc105
Campaign: 1606839097 (Unix time: 2020-12-01 16:11:37 UTC)
C2 (IP:port):
90.101.117.122:2222
78.97.207.104:443
189.222.242.165:995
95.76.27.6:443
2.50.56.81:443
96.225.88.23:443
47.21.192.182:2222
189.222.242.165:443
197.86.204.38:443
84.117.176.32:443
93.146.133.102:2222
71.38.13.243:443
96.21.251.127:2222
184.98.97.227:995
58.179.21.147:995
187.213.136.249:995
65.30.213.13:6882
80.195.103.146:2222
106.51.85.162:443
187.227.87.235:995
94.59.236.155:995
94.53.16.196:443
89.137.211.239:443
190.162.118.43:0
45.32.162.253:443
45.32.165.134:443
140.82.27.132:443
173.245.152.231:443
92.137.138.52:2222
92.154.83.96:1194
190.220.8.10:993
151.75.13.83:443
77.132.113.187:2222
186.147.222.63:443
2.51.246.190:995
69.47.239.10:443
68.116.193.239:443
96.27.47.70:2222
68.134.181.98:443
197.45.110.165:995
86.99.134.235:2222
71.83.16.211:443
78.96.199.79:443
189.210.115.207:443
24.179.13.119:443
74.102.76.128:443
84.126.11.130:443
176.181.247.197:443
173.169.189.169:443
187.149.126.53:443
68.131.19.52:443
189.140.45.48:995
86.98.34.84:995
208.82.44.203:443
200.30.223.162:443
184.21.136.237:995
65.131.47.74:995
71.197.126.250:443
72.252.201.69:443
82.12.157.95:995
187.153.119.36:443
24.71.28.247:443
72.36.11.22:443
181.208.249.141:443
200.110.188.218:443
118.70.55.146:443
39.32.55.12:995
62.38.114.12:2222
104.37.20.207:995
172.87.157.235:443
185.163.221.77:2222
197.161.154.132:443
83.110.150.100:443
151.60.163.18:443
73.51.245.231:995
67.8.103.21:443
37.210.131.246:443
151.27.89.199:443
79.129.216.215:2222
75.136.26.147:443
94.69.112.148:2222
41.97.183.51:443
5.13.70.10:443
85.132.36.111:2222
67.237.68.126:2222
96.247.176.125:443
80.11.5.65:2222
184.179.14.130:22
156.205.103.107:995
67.61.157.208:443
93.113.177.152:443
24.209.209.72:443
197.206.132.79:443
72.240.200.181:2222
96.41.93.96:443
85.122.141.42:995
108.46.145.30:443
2.232.253.79:995
79.172.26.240:443
5.193.115.251:2222
71.182.142.63:443
72.28.255.159:995
85.204.189.105:443
196.151.252.84:443
98.240.24.57:443
67.82.244.199:2222
189.141.31.12:443
193.248.154.174:2222
120.151.95.167:443
178.222.114.132:995
172.87.134.226:443
151.45.108.75:443
173.47.125.178:995
24.139.72.117:443
45.118.216.157:443
74.75.237.11:443
24.187.56.74:2222
75.109.180.221:443
197.135.177.36:443
190.103.55.108:443
81.214.126.173:2222
87.27.110.90:2222
185.246.9.69:995
217.133.54.140:32100
78.97.3.6:443
189.150.40.192:2222
87.218.53.206:2222
181.169.88.203:443
94.49.188.240:443
46.124.107.124:6881
83.202.68.220:2222
47.187.49.3:2222
83.196.50.197:2222
2.90.33.130:443
109.209.94.165:2222
79.119.124.237:443
2.88.53.159:995
86.120.64.243:443
116.240.78.45:995
94.53.92.42:443
181.129.155.10:443
67.6.54.180:443
96.40.175.33:443
149.28.98.196:995
109.205.204.229:2222
45.63.107.192:2222
74.129.26.119:443
173.88.7.176:443
206.183.190.53:993
94.141.3.242:443
-
salt
jHxastDcds)oMc=jvh7wdUhxcsdt2
Extracted
Family: qakbot
Version: 401.51
Botnet: abc106m
Campaign: 1606921461 (Unix time: 2020-12-02 15:04:21 UTC)
C2 (IP:port):
94.69.242.254:2222
189.140.45.48:995
37.182.244.124:2222
73.136.242.114:443
187.149.126.53:443
189.210.115.207:443
96.27.47.70:2222
185.163.221.77:2222
85.132.36.111:2222
178.87.10.110:443
120.150.218.241:995
68.224.121.148:993
78.101.145.96:61201
47.146.34.236:443
24.95.61.62:443
72.29.181.78:2222
93.113.177.152:443
87.218.53.206:2222
106.51.85.162:443
2.90.33.130:443
187.145.100.209:443
81.150.181.168:2222
98.240.24.57:443
109.154.193.21:2222
96.40.175.33:443
72.240.200.181:2222
2.7.202.106:2222
173.21.10.71:2222
187.213.136.249:995
189.252.72.41:995
66.97.247.15:443
75.109.180.221:443
72.252.201.69:443
109.209.94.165:2222
65.29.116.74:443
172.87.134.226:443
69.11.247.242:443
87.27.110.90:2222
217.133.54.140:32100
181.129.155.10:443
187.213.199.54:443
174.104.31.209:443
67.8.103.21:443
71.182.142.63:443
149.28.98.196:443
45.77.193.83:443
68.116.193.239:443
197.45.110.165:995
149.28.98.196:2222
149.28.99.97:443
144.202.38.185:2222
174.62.13.151:443
144.202.38.185:443
149.28.98.196:995
45.63.107.192:995
144.202.38.185:995
45.63.107.192:2222
189.150.40.192:2222
149.28.99.97:2222
72.79.79.92:0
116.240.78.45:995
45.118.216.157:443
95.77.223.148:443
83.202.68.220:2222
92.154.83.96:2087
41.227.82.102:443
41.205.16.89:443
86.98.89.173:2222
156.194.205.151:995
47.44.217.98:443
24.27.82.216:2222
24.229.150.54:995
71.14.110.199:443
5.15.225.109:443
47.187.49.3:2222
78.97.207.104:443
67.6.54.180:443
178.222.114.132:995
89.3.198.238:443
109.205.204.229:2222
143.178.135.25:2222
90.53.228.60:2222
95.76.27.6:443
184.89.71.68:443
85.204.189.105:443
197.161.154.132:443
176.45.233.94:995
50.244.112.10:995
75.170.145.25:443
72.28.255.159:995
108.190.151.108:2222
51.235.24.196:443
94.59.236.155:995
78.187.125.116:2222
85.52.72.32:2222
174.54.24.110:995
189.231.3.63:443
86.121.43.200:443
193.248.154.174:2222
105.103.33.188:443
37.210.133.63:995
102.185.242.27:443
39.36.30.92:995
73.244.83.199:443
2.90.186.243:995
68.15.109.125:443
86.245.87.251:2222
197.135.54.239:443
90.101.117.122:2222
96.225.88.23:443
2.50.56.81:443
47.21.192.182:2222
93.146.133.102:2222
72.66.47.70:443
96.21.251.127:2222
184.98.97.227:995
58.179.21.147:995
201.152.69.198:995
74.129.26.119:443
67.82.244.199:2222
80.14.22.234:2222
189.157.3.12:443
83.196.50.197:2222
90.23.117.67:2222
208.93.202.41:443
47.22.148.6:443
197.86.204.38:443
45.32.162.253:443
120.150.60.189:995
110.142.205.182:443
72.36.59.46:2222
196.204.207.111:443
181.208.249.141:443
140.82.27.132:443
45.32.165.134:443
71.226.140.73:443
85.98.177.32:443
87.238.133.187:995
92.137.138.52:2222
24.179.13.119:443
78.63.226.32:443
71.163.223.144:443
68.131.19.52:443
86.98.34.84:995
65.131.47.74:995
92.154.83.96:1194
217.162.149.212:443
78.181.19.134:443
151.33.226.156:443
73.51.245.231:995
-
salt
jHxastDcds)oMc=jvh7wdUhxcsdt2
Extracted
Family: qakbot
Version: 401.51
Botnet: abc104
Campaign: 1606818862 (Unix time: 2020-12-01 10:34:22 UTC)
C2 (IP:port):
79.119.124.237:443
87.218.53.206:2222
181.169.88.203:443
82.12.157.95:995
94.49.188.240:443
46.124.107.124:6881
86.122.248.164:2222
83.202.68.220:2222
79.129.216.215:2222
37.21.231.245:995
47.187.49.3:2222
2.90.33.130:443
149.28.98.196:995
149.28.99.97:443
45.63.107.192:995
149.28.98.196:2222
45.63.107.192:2222
74.73.27.35:443
149.28.98.196:443
144.202.38.185:2222
149.28.99.97:2222
45.77.193.83:443
144.202.38.185:995
24.95.61.62:443
95.77.223.148:443
71.187.170.235:443
39.36.30.92:995
188.26.243.119:443
78.187.125.116:2222
2.7.202.106:2222
178.80.62.24:443
91.104.44.226:995
81.214.126.173:2222
94.98.242.243:443
31.5.21.66:995
80.14.22.234:2222
98.121.187.78:443
47.44.217.98:443
82.10.43.130:2222
103.102.100.78:2222
45.118.65.34:443
176.45.233.94:995
81.247.148.252:995
211.24.72.253:443
189.231.3.63:443
41.227.76.249:443
156.222.155.185:995
75.136.40.155:443
92.154.83.96:2087
37.211.86.156:443
72.36.59.46:2222
219.76.148.249:443
2.50.56.81:443
47.21.192.182:2222
96.225.88.23:443
197.86.204.38:443
93.146.133.102:2222
96.21.251.127:2222
184.98.97.227:995
58.179.21.147:995
86.98.60.176:443
37.210.133.63:995
24.27.82.216:2222
82.127.125.209:20
79.115.171.106:2222
193.248.154.174:2222
172.78.30.215:443
79.166.96.86:2222
72.66.47.70:443
89.87.231.187:2222
72.29.181.78:2222
161.142.217.62:443
109.154.193.21:2222
86.245.87.251:2222
2.88.67.161:995
198.2.35.226:2222
83.110.206.115:995
2.89.183.206:443
151.16.241.219:443
110.142.205.182:443
85.98.177.32:443
78.181.19.134:443
102.185.242.27:443
90.101.117.122:2222
78.96.199.79:443
68.39.160.40:80
84.117.176.32:443
65.30.213.13:6882
42.201.228.106:995
80.195.103.146:2222
77.145.0.57:2222
94.59.236.155:995
1.43.86.247:2222
85.121.42.12:995
71.10.43.79:443
105.198.236.99:443
140.82.27.132:443
39.45.175.245:995
45.32.162.253:443
45.32.165.134:443
217.162.149.212:443
59.96.59.100:443
2.51.246.190:995
197.45.110.165:995
86.99.134.235:2222
24.179.13.119:443
176.181.247.197:443
68.131.19.52:443
86.98.34.84:995
184.21.136.237:995
65.131.47.74:995
185.105.131.233:443
81.133.234.36:2222
84.120.99.206:443
41.233.154.10:993
181.208.249.141:443
92.154.83.96:2222
92.154.83.96:1194
92.137.138.52:2222
175.140.23.200:443
46.177.174.186:443
203.106.195.67:443
172.87.157.235:443
121.58.199.24:443
151.60.163.18:443
73.51.245.231:995
37.210.131.246:443
151.27.89.199:443
41.237.210.179:995
94.69.112.148:2222
96.41.93.96:443
41.97.183.51:443
37.130.115.124:443
93.113.177.152:443
197.206.132.79:443
197.51.82.115:995
85.122.141.42:995
118.70.55.146:443
156.205.103.107:995
59.99.37.18:443
185.163.221.77:2222
39.32.55.12:995
62.38.114.12:2222
50.60.166.59:995
5.193.115.251:2222
58.152.9.133:443
196.151.252.84:443
120.151.95.167:443
178.222.114.132:995
97.119.234.37:443
-
salt
jHxastDcds)oMc=jvh7wdUhxcsdt2
Extracted
Family: qakbot
Version: 401.62
Botnet: abc107
Campaign: 1607078484 (Unix time: 2020-12-04 10:41:24 UTC)
C2 (IP:port):
32.212.117.188:443
109.205.204.229:2222
72.36.59.46:2222
173.18.126.193:2222
96.225.88.23:443
89.137.211.239:443
110.142.205.182:443
82.76.47.211:443
193.83.25.177:995
67.40.253.209:995
73.244.83.199:443
2.90.186.243:995
189.252.62.238:995
141.237.135.194:443
82.78.70.128:443
185.125.151.172:443
79.117.239.22:2222
86.189.252.131:2222
83.114.243.80:2222
2.50.56.81:443
191.84.4.150:443
83.202.68.220:2222
184.98.97.227:995
96.21.251.127:2222
58.179.21.147:995
200.75.136.78:443
37.21.231.245:995
81.97.154.100:443
185.105.131.233:443
45.32.165.134:443
140.82.27.132:443
45.32.162.253:443
201.127.76.175:2222
86.122.248.164:2222
67.141.11.98:443
73.51.245.231:995
37.116.152.122:2078
111.95.212.237:2222
172.87.157.235:3389
116.240.78.45:995
68.131.19.52:443
93.149.253.201:2222
78.187.125.116:2222
86.121.43.200:443
82.76.238.65:2222
84.232.252.202:2222
184.21.136.237:995
37.234.175.105:995
80.14.22.234:2222
24.179.13.119:443
46.209.237.214:995
71.163.223.144:443
86.98.34.84:995
41.239.180.69:993
195.97.101.40:443
2.7.202.106:2222
103.102.100.78:2222
65.131.47.74:995
37.171.1.224:0
79.166.96.86:2222
83.110.74.173:443
120.150.218.241:443
161.142.217.62:443
180.233.150.134:443
182.161.6.57:3389
164.155.230.98:443
85.105.29.218:443
151.27.126.133:443
217.162.149.212:443
92.154.83.96:2087
105.198.236.99:443
72.66.47.70:443
211.24.72.253:443
118.160.160.116:443
72.28.255.159:995
86.97.162.141:2222
92.154.83.96:2222
68.46.142.48:995
47.196.192.184:443
24.218.181.15:443
24.43.22.220:993
193.248.154.174:2222
173.21.10.71:2222
75.136.40.155:443
67.61.157.208:443
125.63.101.62:443
2.51.246.190:995
98.121.187.78:443
172.78.30.215:443
160.3.184.253:443
78.162.70.119:443
80.11.5.65:2222
78.63.226.32:443
81.214.126.173:2222
80.195.103.146:2222
174.87.65.179:443
136.232.34.70:443
86.245.87.251:2078
47.146.34.236:443
24.95.61.62:443
87.218.53.206:2222
176.45.218.26:995
197.86.204.84:443
78.101.145.96:61201
174.62.13.151:443
37.106.7.7:443
81.150.181.168:2222
94.69.112.148:2222
151.33.226.156:443
109.154.193.21:2222
69.181.191.232:443
96.40.175.33:443
79.115.171.106:2222
217.128.117.218:2222
87.115.120.176:2222
89.137.77.237:443
47.21.192.182:2222
81.133.234.36:2222
62.38.114.12:2222
94.52.160.116:443
181.129.155.10:443
84.117.176.32:443
151.75.13.83:443
45.63.107.192:2222
197.135.156.41:443
78.181.19.134:443
71.10.43.79:443
92.154.83.96:2078
144.202.38.185:995
149.28.99.97:2222
149.28.98.196:443
144.202.38.185:443
149.28.98.196:995
92.154.83.96:1194
149.28.99.97:443
89.137.211.72:443
45.63.107.192:995
149.28.98.196:2222
144.202.38.185:2222
203.106.195.67:443
162.157.19.33:2222
98.124.76.187:443
122.59.40.31:443
199.116.241.147:443
121.58.199.24:443
120.151.95.167:443
85.132.36.111:2222
75.136.26.147:443
24.27.82.216:2222
94.69.242.254:2222
-
salt
jHxastDcds)oMc=jvh7wdUhxcsdt2
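Extracted
Family: qakbot
-
salt
[unprintable bytes in the source page; salt value not recoverable. This extraction shows no version, botnet ID, campaign or C2 list.]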
Targets
-
-
Target
samples/29148f550d02cf98d89efb53f7137da28e91df43790f4fc052a0f405f99edcc1
-
Size
260KB
-
MD5
01b9cb4752f2a33d563fd09089d76571
-
SHA1
8aa2a65b78c1da2bac332069f53b6283c46f9fc6
-
SHA256
29148f550d02cf98d89efb53f7137da28e91df43790f4fc052a0f405f99edcc1
-
SHA512
2764312e1608927ead6467c885ab5155d6fac3ec69ab856991a50f8af0f61085901c43fd4ce2d7f071623bb9e0bd6d478103d9ad87ae6219334fb1102ee297aa
-
-
-
Target
samples/62b038f2dc2ab995d036930a2eaa5f2dc67fb0ab884459d3fa6df653eec307e1
-
Size
337KB
-
MD5
1bcb097de905cbe1e9fc9683e1dea036
-
SHA1
df042b4a2c65a0d761f93baeb8ee4d06fbd33229
-
SHA256
62b038f2dc2ab995d036930a2eaa5f2dc67fb0ab884459d3fa6df653eec307e1
-
SHA512
89f6de104a2dd12040492d8836ac1819a4f857c4e6554848b68d5ca51fe7b2bd5d860403954af45a67cad42bc9909ef94fa9175e20580cfe5c6a8d14d2386b29
-
-
-
Target
samples/a16db0d2025dff39a4a0de4071ce0e73c6810ab497453ad67c16ba0980385f60
-
Size
294KB
-
MD5
118b1050be87b8189692b82df0ae3045
-
SHA1
f7ca1686e66866ce961a3b94bbee1d94b962a450
-
SHA256
a16db0d2025dff39a4a0de4071ce0e73c6810ab497453ad67c16ba0980385f60
-
SHA512
abe0ae20a6a7a93bdbfe2909185a646b8eae6fdf31de0a1b51f51c79bf845974345448d105cf004e91539dcb81ca6fa504db85b822599a857aeed1f1bb46e5fb
-
-
-
Target
samples/a5bc6aad1c3205857cf8d29058f8a5283bdc743b9965b5b5d2e69df9a9b6bb1b
-
Size
260KB
-
MD5
3b8ca07dfa8d8ed5d7a4522ddcc65e88
-
SHA1
acc5b1ba536db0f88b8144450ef1f1dbb1338b55
-
SHA256
a5bc6aad1c3205857cf8d29058f8a5283bdc743b9965b5b5d2e69df9a9b6bb1b
-
SHA512
e1535e0f95f7635fce77e4a00bed1eb0300934257b5ecc4dbcece970e98cbbf1fcafc9c40ce9a966b17c584b9623c8cd18e681fa43497d1cc4ab1c592a87cd5a
-
-
-
Target
samples/c59d033fa3a58112f7520113699c74552c4d12bb10783fa880359ec94affe2a1
-
Size
2.1MB
-
MD5
adfa9e13af7bff7b9304de834dc620e6
-
SHA1
1eceee464aefad0708f1e5ddcd0550b25da32fe0
-
SHA256
c59d033fa3a58112f7520113699c74552c4d12bb10783fa880359ec94affe2a1
-
SHA512
c3e459751cd7d36c6fe6934d03144536a3d0f6f85318bf14f798a6ea9d5bee2adf68cb20d2c9ecf861a9bd96b5fd75750fcf283f8fe17a878f19ab7706692c66
-