qbot-7-pw-abc555[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

1

REJ_1766.iso

windows10-1703-x64

3

REJ.lnk

windows10-1703-x64

3

oslo/nicks.txt

windows10-1703-x64

1

oslo/they.cmd

windows10-1703-x64

1

oslo/train.png

windows10-1703-x64

3

oslo/trudge.dll

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

REJ_1766.iso

Resource

win10-20220812-en

windows10-1703-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

REJ.lnk

Resource

win10-20220901-en

windows10-1703-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

oslo/nicks.txt

Resource

win10-20220812-en

windows10-1703-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

oslo/they.cmd

Resource

win10-20220812-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

oslo/train.png

Resource

win10-20220901-en

windows10-1703-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

oslo/trudge.dll

Resource

win10-20220812-en

qakbot obama213 1665998932 banker stealer trojan

windows10-1703-x64

4 signatures

150 seconds

General

Target

qbot-7-pw-abc555.zip
Size

828KB
MD5

993a2752108f07e806267ebbc28529e6
SHA1

f2a3605a337a288b276912cc97499eada023bfbf
SHA256

7f891d031f9fb425425dead2afdb523cdd3979da1416ddcc66adf3147ef359d1
SHA512

6f84732095ab3284361b43bae1b6e80fe182836fd3a9bb0f7b23c2328d5786c370ca6e3e4959a572909f737cf866e97beec194acb6d13d9058aa1bb139b76246
SSDEEP

12288:oxnrIPfGpzZISScxrvaSUkO1O4UHE66Lx4mSy2HjE5K0p8AJxqEjMZ3+0ovd6ZV1:eSAGSSar5XtVuumKsPjJU7O0o6DRBAab

Score

1^/10

Malware Config

Signatures

Files

qbot-7-pw-abc555.zip
.zip

Password: abc555
REJ_1766.iso
.iso

Password: abc555
REJ.lnk
.lnk
oslo/nicks.txt
oslo/they.cmd
.cmd .vbs
oslo/train.png
.png
oslo/trudge.dat
.dll windows x86

Password: abc555

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy