Extracted

• • Target

    AS.js

  • Size

    131B

  • MD5

    39521c01435c268ccf7df64f6f552488

  • SHA1

    3020be5563b2efac7a487b92a375c50c29441fd7

  • SHA256

    8edec93513434225615c88354d220e13e97e072b156ba84d30c8c673d230af5f

  • SHA512

    82f362325dbe52d533c67e17b0be8dd4c6e3bc6a6f2ecb19c6425bcfa73bd294484845180d2c46eea07356b2de72a2526da87a24569550dc7c39965fe73f9d76

  Score

  10^/10

  qakbotbb081669628564bankerstealertrojan

  • Qakbot/Qbot

    Qbot or Qakbot is a sophisticated worm with banking capabilities.

    trojanbankerstealerqakbot

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL

  behavioral1behavioral2

• • Target

    fix/codify.ps1

  • Size

    374B

  • MD5

    567b9a7715106b12f899c6021a49ab71

  • SHA1

    4439cbe9ca9758c52d93fb30488506a46678b716

  • SHA256

    0cab82af4f083c592a12cf4982e745ddaedf85acb505607157881765de7e7754

  • SHA512

    7bec4d97f505befa9635c842b4f73d2eb16438c805daf6f61a20d41a0ea74014933b592407e9c8c84c7c3632cc3fa6c7e9a6befa7c55a571e71220b8b5cbd09b

  Score

  1^/10
  behavioral3behavioral4

• • Target

    fix/vetoing.js

  • Size

    131B

  • MD5

    39521c01435c268ccf7df64f6f552488

  • SHA1

    3020be5563b2efac7a487b92a375c50c29441fd7

  • SHA256

    8edec93513434225615c88354d220e13e97e072b156ba84d30c8c673d230af5f

  • SHA512

    82f362325dbe52d533c67e17b0be8dd4c6e3bc6a6f2ecb19c6425bcfa73bd294484845180d2c46eea07356b2de72a2526da87a24569550dc7c39965fe73f9d76

  Score

  7^/10

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral5behavioral6