qbot_20220629[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

33667344.dll

windows7_x64

33667344.dll

windows10-2004_x64

INV87162.txt.lnk

windows7_x64

3

INV87162.txt.lnk

windows10-2004_x64

UFbjRkMGfw.ps1

windows7_x64

UFbjRkMGfw.ps1

windows10-2004_x64

notice.txt

windows7_x64

1

notice.txt

windows10-2004_x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

33667344.dll

Resource

win7-20220414-en

icedid 1842176049 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

33667344.dll

Resource

win10v2004-20220414-en

icedid 1842176049 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

INV87162.txt.lnk

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

INV87162.txt.lnk

Resource

win10v2004-20220414-en

icedid 1842176049 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

UFbjRkMGfw.ps1

Resource

win7-20220414-en

icedid 1842176049 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

UFbjRkMGfw.ps1

Resource

win10v2004-20220414-en

icedid 1842176049 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

notice.txt

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

notice.txt

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

General

Target

qbot_20220629.zip
Size

421KB
MD5

635b2a3facba50cfcc5257cb1ae764c8
SHA1

8a55ab05ebb316fbc692cf6bc92810b7087e6367
SHA256

4b0e50204999c44b9f7d7fa88aac013056c0e9fe63d88f37e1e7a3212a001a12
SHA512

bf901c1ee5ba0b3330756e93d3eb611170b7f6b93cc62cc31768d714c95aa9f528556bd39a5e343b86bca8164ca3cfa2eceee2c462a267f6c5fe27fb3c9ecd9e
SSDEEP

6144:oNggYNDa2pSkvClhIuW+eShWcIAxuqetIP0XxgHcDlZh/bs/92kxPu4G2TV2nwt:oNpabgIuvpFeiP0XKvpx4AV2M

Score

N/A

Malware Config

Signatures

Files

qbot_20220629.zip
.zip
33667344.dll
.dll windows x64

a2dbe2dbdd4a618ca4f33e06c39b7b86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

TabbedTextOutW
TrackPopupMenu
RemoveMenu
CallWindowProcA
SendMessageCallbackW

gdi32

GetColorSpace
GetPath
CreateFontIndirectExA
GetObjectType
GetGlyphOutlineW
CreateDIBitmap
CreatePalette
EnumFontsW

shlwapi

StrDupW
StrToIntExW
StrCpyNW
StrRetToBufA
ord157
StrCSpnA

msvfw32

ICDecompress
DrawDibGetBuffer
GetOpenFileNamePreviewA
GetOpenFileNamePreviewW
ICInstall
ICCompress

Exports

Exports

AR2mgwpu
GTfruh
Hyuasbbjhas
KCQCJSqhP
Qd4KvioH
RuCMhkVyyvW
Wv1q0db
Zqr3ahIiS
eQkMyof1vtl
f3v3sP6N
i2xISu
jnPELv
n7iOlizF
nM4zPvJ
oGTYT90cmE
qERcNolXzd
qNRjv4q
urUW81SnK
yEWQvjHm
yehHRNbX
yhpwNn

Sections

.text
Size: 731KB - Virtual size: 731KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INV87162.txt.lnk
.lnk
UFbjRkMGfw.ps1
.ps1
notice.txt

© 2018-2024

Terms | Privacy