Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
699da6dc48f908308fe9f096be1161b0.dll.vir
-
Size
318KB
-
Sample
230316-cpt94sgd99
-
MD5
699da6dc48f908308fe9f096be1161b0
-
SHA1
229337298834b2c5494547b67a2f9c95959c48d5
-
SHA256
2e5e54ef65aa8b966d0ae4ba54f9141045612e3bc72790fb5fe5668747f6edf9
-
SHA512
c69bf1afafc828828199402be78e10f78bd3288ebae3360dda35a713dc6ee6adda725defbe602ea8a734e5add3e688aed621b2689a49256e5ca177c1033dbd59
-
SSDEEP
6144:NaaVzaA4R+aU/P/IvTDp3ZZ99GSrtMhsNW9TUW/aSFGMReiDhKRIbGjZneB6ncqJ:m+aU/P/IvTDp3ZZ99RrtyU2GSYIajfnP
Malware Config
Extracted
qakbot
404.263
obama243
1678889958
91.196.69.245:443
90.104.22.28:2222
37.14.229.220:2222
88.126.94.4:50000
92.159.173.52:2222
122.184.143.85:443
85.61.165.153:2222
86.195.14.72:2222
92.154.17.149:2222
47.203.229.168:443
98.187.21.2:443
70.51.152.61:2222
91.68.227.219:443
92.154.45.81:2222
88.122.133.88:32100
98.147.155.235:443
91.254.229.61:443
213.31.90.183:2222
174.118.36.28:443
197.14.148.149:443
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
699da6dc48f908308fe9f096be1161b0.dll.vir
-
Size
318KB
-
MD5
699da6dc48f908308fe9f096be1161b0
-
SHA1
229337298834b2c5494547b67a2f9c95959c48d5
-
SHA256
2e5e54ef65aa8b966d0ae4ba54f9141045612e3bc72790fb5fe5668747f6edf9
-
SHA512
c69bf1afafc828828199402be78e10f78bd3288ebae3360dda35a713dc6ee6adda725defbe602ea8a734e5add3e688aed621b2689a49256e5ca177c1033dbd59
-
SSDEEP
6144:NaaVzaA4R+aU/P/IvTDp3ZZ99GSrtMhsNW9TUW/aSFGMReiDhKRIbGjZneB6ncqJ:m+aU/P/IvTDp3ZZ99RrtyU2GSYIajfnP
Score10/10-
Qakbot/Qbot
Qbot or Qakbot is a sophisticated worm with banking capabilities.
-