General
-
Target
4e00ef729791ab14f3dd4022deee9faa91e84ca9e9bcdb70ca313225bb463993
-
Size
220KB
-
Sample
220704-l4e86sade7
-
MD5
b72fb85f3e8396ea9516735eea597b90
-
SHA1
ca92d9886f63028a31dfdeed928a31a8cb1c9bbd
-
SHA256
39e4776ea8f1a8acc94b9f19406dd7c68d7a0166af73281d64267f56d7fee79c
-
SHA512
d4e37d2f818e3c501492babb69ab6e1bef755c0d789c640fb17d107cefabc69edf735ed4125429dd34fdeb25914e6f1f74c5566f64ecfdb9311945eba79a30dc
Malware Config
Extracted
qakbot
403.780
obama195
1656400725
74.14.5.179:2222
104.34.212.7:32103
142.186.49.224:2222
93.48.80.198:995
94.59.15.180:2222
217.128.122.65:2222
45.241.173.232:993
24.43.99.75:443
89.101.97.139:443
70.46.220.114:443
32.221.224.140:995
67.209.195.198:443
37.34.253.233:443
80.11.74.81:2222
81.214.215.234:443
67.165.206.193:993
173.174.216.62:443
186.90.153.162:2222
148.64.96.100:443
176.205.23.138:2222
-
salt
jHxastDcds)oMc=jvh7wdUhxcsdt2
Targets
-
-
Target
4e00ef729791ab14f3dd4022deee9faa91e84ca9e9bcdb70ca313225bb463993
-
Size
370KB
-
MD5
be0c2af0caea627364f33d39ad94ad38
-
SHA1
879678b8b88e5b885a36914e765bccf3970716fc
-
SHA256
4e00ef729791ab14f3dd4022deee9faa91e84ca9e9bcdb70ca313225bb463993
-
SHA512
20b1cfdb6c795a8add13cc43516268c742d4f69c7fe5d8829adaa8e7daf97ae3e72c444d2cc80e07fb6147db7cf1bc84b508490d8cf5c60f23cb82e41d7759a1
Score10/10-
Qakbot/Qbot
Qbot or Qakbot is a sophisticated worm with banking capabilities.
-