General
-
Target
2cd1be65e78ccbd2cdc8bd3711e1f2199a706c341cd62c6636d4cba96a5ce447.iso
-
Size
1.6MB
-
Sample
221122-vd18dsea9z
-
MD5
c33699bd0e4cf0e385238ef1da4fac44
-
SHA1
3bc0ad15c31c951173aa6bf6d2db3a94e7a296b0
-
SHA256
2cd1be65e78ccbd2cdc8bd3711e1f2199a706c341cd62c6636d4cba96a5ce447
-
SHA512
c2f3edc72e94823426caa923ab4cb5ea2dc8aa6520fe7d43cc383a796364e45580bb4c3662f362ae8b98472627f126d4773d0d5ebded03b9c88b39b9d8f0db4f
-
SSDEEP
24576:G3VzebIGQvSeKV9TAwPZ8nPQQrrabMxNd6LE3Sl+w:6JvgMQM3fd66Sw
Malware Config
Extracted
qakbot
404.27
BB06
1668418916
24.142.218.202:443
152.170.17.136:443
90.104.22.28:2222
24.64.114.59:61202
86.225.214.138:2222
92.27.86.48:2222
70.120.228.205:2083
24.206.27.39:443
27.99.45.237:2222
105.103.27.80:32103
170.253.25.35:443
24.64.114.59:2222
92.207.132.174:2222
86.133.237.3:443
172.117.139.142:995
108.6.249.139:443
92.239.81.124:443
86.129.13.128:2222
47.34.30.133:443
86.148.55.111:443
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
CL.lnk
-
Size
1KB
-
MD5
7d82b0c9baf5165ad9f2da1015f35310
-
SHA1
e81bbc1d79eedd5b00a423dde28826716c38e326
-
SHA256
1bd2c7e0204b957470fa5f955a22b9a7bf905e23f41acbcc83a4ec08b922f1c1
-
SHA512
f40e1c7ec6018f60590c73d37c7ec88807ba6e11fddbb503c036432fcdb7b7ecef23f4ccef252705a5c5e71d22282ca9ca55fb63e4efa87c6d4efbbd9a9747b6
Score10/10-
Qakbot/Qbot
Qbot or Qakbot is a sophisticated worm with banking capabilities.
-
Executes dropped EXE
-