General
-
Target
7985856129.zip
-
Size
232KB
-
Sample
220914-q2jk2aaeb7
-
MD5
54942583efec944f0fe64ceecc30b01a
-
SHA1
099f077710d2a4f02afb8b002e45a06d5f338e82
-
SHA256
6632fad112c6625d775273d243d3d9a2acc4c3879022b144712c8f10a245e61a
-
SHA512
cc255dd0629cd5c0697b4e3d991275dcf4f85f1e71ca72aefa29098ef71d12a1410d5a13ac2335433e5b712f0f41c320b7ce106c04c65c158cc6c7734eb3ab6d
-
SSDEEP
6144:X0RIcivxVNOjUBptI5xlcYvUT7al4YhekJKcn51g4ehUF:E6civzNdri5QPTulH51Yq
Malware Config
Extracted
qakbot
403.858
obama202
1663062752
99.232.140.205:2222
41.69.118.117:995
179.111.111.88:32101
37.210.148.30:995
47.146.182.110:443
191.97.234.238:995
64.207.215.69:443
88.233.194.154:2222
81.131.161.131:2078
86.98.156.176:993
200.161.62.126:32101
88.244.84.195:443
78.100.254.17:2222
85.114.99.34:443
113.170.216.154:443
194.49.79.231:443
193.3.19.37:443
84.38.133.191:443
175.110.231.67:443
191.84.204.214:995
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
1cbd5c3072fd99bff1408bc1f8a3b09206322de8b83b743a57efa24adefdb44f
-
Size
368KB
-
MD5
aaabcb8c5464c4fdb6d72816f77f3b65
-
SHA1
7397d48671bde4ef13ae59f3427f0c1a1e7977d4
-
SHA256
1cbd5c3072fd99bff1408bc1f8a3b09206322de8b83b743a57efa24adefdb44f
-
SHA512
c5165a9e1f8185a94256bb67cf89d035f743e461795f0444208ee116df53bec5633673527cf52727462a8c543286c2f05f74dcc16078e5a1d2689ea434876546
-
SSDEEP
6144:0u8T9zrStWm3C3klS1gqbe5L05kVxVFInAPexY5ixyizO8wj+A:/8ZSg24Vbe5LFVxVFIAPWelSZm
Score10/10-
Qakbot/Qbot
Qbot or Qakbot is a sophisticated worm with banking capabilities.
-