General
Target: qbot.zip
Size: 227KB
Sample: 221205-kaaadsbf39
MD5: 131c323cf551fb9906cef1f971650d08
SHA1: 9b005de50670f7c361f96ef69cc78b42e8ccad1e
SHA256: 0a22b3cc61f95750df85f0abec5ca0d0d9e917c1924b4003e3c58a1e17148847
SHA512: 74d7acfb955c7eb474b8e3c4303b9e8a943e5c75188eddd532cac4d5e98a83917c9b993beab3262d30cfd32a57eb31a906b29396366475611d67cc754cdb78e6
SSDEEP: 6144:Rdn0BvsUWkMhlN9scyXZ2sUzkvUuqiYHMRl4YtJ9:REvGkCXa2suGqFEB
Static task: static1

Behavioral task: behavioral1
Sample: Attachment.iso
Resource: win10-20220812-en

Behavioral task: behavioral2
Sample: 8969122ef3485d.ps1
Resource: win10-20220901-en

Behavioral task: behavioral3
Sample: 8969122ef3485df.ps1
Resource: win10-20220812-en

Behavioral task: behavioral4
Sample: Attachment.lnk
Resource: win10-20220812-en

Behavioral task: behavioral5
Sample: document.pdf
Resource: win10-20220812-en
Malware Config
Extracted
cobaltstrike
0
watermark: 0
Targets
Target: Attachment.iso
Size: 822KB
MD5: 1ff6225f783595cf3a0c11720fa945d8
SHA1: 4d71522a9cbf2f050f1b369f18351f6eec89b46e
SHA256: d0d1b77c34afe7bec255227fc946e32890e7f6abff67e913d7ef4ea5e33efacb
SHA512: 3074e2212e10ac32b5bee3eca1ce9b324a85c5866b24c0086838b5ce336c380276f0616befe6c0c10d9cbdd1c95ed9c6de5eb3f3101d4f91cccb890f74b7b669
SSDEEP: 12288:3hU0sdb34MkPGI4MpPBrCi1y05XlXNgLZRwUm14nY:vpki13jgLZRwUm1v
Score: 10/10
Blocklisted process makes network request
Drops startup file

Target: 8969122ef3485d.log
Size: 23KB
MD5: 914dd9891afe574b611e2e38a162ae1f
SHA1: ad4c9126bcf2e534cd355107c301d01832889610
SHA256: 304d6a87f624d74df2bf37c458b2f06c525aad947886413befac892c1d89a394
SHA512: 33a70a75e956bcdb70c22b27c2f3044d6c527e3a10446cb6654431ecfbe326d69631b8ad61bb8f8bc8399f6122bdc229dfc01a607cec38587d39dccc67dd902c
SSDEEP: 384:k6dBkkPyac1Vzzgq2wjvulFcagjATRdMa5oE4BW2d4yvnR:/bXPY1VzzgOecag0DMaclDfR
Score: 8/10
Blocklisted process makes network request
Drops startup file

Target: 8969122ef3485df.log
Size: 420KB
MD5: 06b8feae2c9d9f2940cb9dca40d553c3
SHA1: b246ed8055ad9e7bb760795e054224d406ec8a20
SHA256: 93b0f19011468a4864c114bcbcfc55f460e2c789b14ea893c26ce450d3c21a9e
SHA512: d0285b2a638ff76fe846f41118c7e6e2ac741ab071ec63432fc8406b181ebf187c0d77f45740eb26a193f348b15db478a7d6c96c6f92df6a7464b46c9a3f6818
SSDEEP: 12288:hhU0sdb34MkPGI4MpPBrCi1y05XlXNgLZRwUmm:tpki13jgLZRwUmm
Score: 8/10
Blocklisted process makes network request

Target: Attachment.lnk
Size: 2KB
MD5: 4f86eb0c1fac722e4c7b4f6f089bd127
SHA1: 9d459b6ebc01d6e937785e1e118000bebdd3f700
SHA256: 89a1a6cb000a66b841ad26a8d0d5af507cc17efc00a109d61d52a65caa4cef43
SHA512: c8f1d53629d14ddbe84b6878104a773e7a1bd8da47ab2b3d5ac04955916978bd79db0a9c3a94652889580344cf21416d7791b2982afeb7da5839ce33c7cc76a0
Score: 8/10
Blocklisted process makes network request
Drops startup file

Target: document.pdf
Size: 10KB
MD5: 8a7cadbe3c40344007c5334b41f0e8cf
SHA1: fbc916f065157cc5a13f22453c19f7dfecc3c228
SHA256: 3902e1734b1d0187d3404dafa4616212342630cb46913242060f485e58201a75
SHA512: 8c5e0d7a938ac13537041335d5ea185e83e025b6da138c0c3c49794825e873a52c048b08579711a888bae6e9fedc03996dbb5a2696844bb5335b8f96017dcbdb
SSDEEP: 192:GWY3Ro9kPRzjVap5F5rBfHOHAo9u8wGW1/Pgk/pDqX1TX5DESqyuZnZgprCZ5npK:GWaHhjVsHmAocZd1/f/pO1VDULERCZ58
Score: 1/10