General
-
Target
573f2d325bc740256fd9ef4c72c4ffcc446d7008d0a6ce9b6706b2d5172dcd20
-
Size
342KB
-
Sample
230410-sweq1afh6x
-
MD5
3fad4f160449e5d95c419eb0b862338b
-
SHA1
cb40dde6939e22370c4e6425d4398b79235d2b72
-
SHA256
cf3dd891fa90e3b64cd1aa99bae1fcbd0b402c7481d73886942451a6df66a223
-
SHA512
ff290609ceb2cb4c9ae684d927b65f145e54d26bdc1a1ce99eb2029799d844602aa997f948e0de7c6962509e79c16bed4512960b3ff173c9a0143d18a56afdbf
-
SSDEEP
6144:RWERAAtWfxEj33fNoGAXWGnB1O6HepfWA91Eaw7fs+fyo76aneSRA5wPp:HWpEjHcXWG/dW191EaWf2aneSowx
Malware Config
Extracted
qakbot
404.909
BB22
1680688614
209.93.207.224:2222
90.93.132.149:2222
109.11.175.42:2222
12.172.173.82:993
86.195.14.72:2222
82.121.195.187:2222
88.122.133.88:32100
86.154.216.221:2222
91.82.133.190:443
197.3.198.241:443
70.112.206.5:443
12.172.173.82:50001
103.123.223.141:443
103.141.50.102:995
201.244.108.183:995
183.87.163.165:443
76.178.148.107:2222
96.87.28.170:2222
76.80.180.154:993
92.189.214.236:2222
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
573f2d325bc740256fd9ef4c72c4ffcc446d7008d0a6ce9b6706b2d5172dcd20
-
Size
606KB
-
MD5
3749841bdd0650f2f9265d89c00ea328
-
SHA1
d808341a4dfee8578bada9683459b0c8bf6ce79c
-
SHA256
573f2d325bc740256fd9ef4c72c4ffcc446d7008d0a6ce9b6706b2d5172dcd20
-
SHA512
b2e716afe9cc590c4290d3c099aa741e88f7f2c748843c5f01f51c32f0c0e1aceb6983a16361c5a89343a3f0e9eb737f47c20282b4af99c36d39095d323bf472
-
SSDEEP
6144:k/ZzllHDjygb7kZJUP9SDTOq3WlrQQurP/o2SiN5ryK9T+gZw/NCxeczYjlDtKK8:+HDjygXeIBrbYXPCd/NyYxRGu5DO
Score10/10-
Qakbot/Qbot
Qbot or Qakbot is a sophisticated worm with banking capabilities.
-