General
-
Target
07efdd0de11d53ecc09daf92e3f2cdb53abd05d57510d2f605ad777e4427e90b.dll
-
Size
354KB
-
Sample
221103-jepp7saagn
-
MD5
c4d74593ce8a2013cc189721c14b4a2e
-
SHA1
e096a6e1f12940357cfbe9751e571f125bacb1e7
-
SHA256
07efdd0de11d53ecc09daf92e3f2cdb53abd05d57510d2f605ad777e4427e90b
-
SHA512
45d39162948f6da56090d88431818904c6ee36b79a053e0fddf8d63887887c30eb3b298e3948e09bdd5b63096f2f195a592eadf1f02e1eb17cf0492ee68c21c1
-
SSDEEP
6144:INsacLpop/C9lIbtBMHkqmO+pefWRAw6hjSy/AACs98K/f+ZuDXKK8bTcTCaUza2:ss/tMrbQHt+ps1w6RcA3/2oXmbTdaUm2
Malware Config
Extracted
qakbot
404.14
obama220
1667373670
174.0.224.214:443
1.70.60.142:54792
74.33.84.227:443
1.175.205.2:13825
187.1.1.45:12681
190.24.45.24:995
1.50.68.204:18177
193.3.19.137:443
1.41.44.11:58115
73.165.119.20:443
58.247.115.126:995
1.84.35.26:3587
216.82.134.218:443
1.181.164.194:58369
187.1.1.74:23795
71.199.168.185:443
1.94.49.5:29697
187.0.1.108:11471
186.73.140.43:443
1.97.119.214:59649
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
07efdd0de11d53ecc09daf92e3f2cdb53abd05d57510d2f605ad777e4427e90b.dll
-
Size
354KB
-
MD5
c4d74593ce8a2013cc189721c14b4a2e
-
SHA1
e096a6e1f12940357cfbe9751e571f125bacb1e7
-
SHA256
07efdd0de11d53ecc09daf92e3f2cdb53abd05d57510d2f605ad777e4427e90b
-
SHA512
45d39162948f6da56090d88431818904c6ee36b79a053e0fddf8d63887887c30eb3b298e3948e09bdd5b63096f2f195a592eadf1f02e1eb17cf0492ee68c21c1
-
SSDEEP
6144:INsacLpop/C9lIbtBMHkqmO+pefWRAw6hjSy/AACs98K/f+ZuDXKK8bTcTCaUza2:ss/tMrbQHt+ps1w6RcA3/2oXmbTdaUm2
Score10/10-
Qakbot/Qbot
Qbot or Qakbot is a sophisticated worm with banking capabilities.
-