General
-
Target
cf25ce66f5db866bd72701d69807ef12924b38dd96b3b9b9975dcd68477c5ed5
-
Size
341KB
-
Sample
230519-xw6a6sfe37
-
MD5
13bd545bd421959185202f753f6ca235
-
SHA1
a51dc371630ed36ee6ae38b780cda55eeb227217
-
SHA256
62ca8e59886d8e31716da7f58978d2afe50c9d62454cd1df43fa0632bbc04d03
-
SHA512
d6cb055f3160c4feb48832901003c77793bd0bfcfe9d91e9345df85645e78dc709d540db51b2b32e6d7b5410cb4d753857dace1e292a7e30a7c7e92f1509b7b8
-
SSDEEP
6144:XWERAAtWfxEj33fNoGAXWGnB1O6HepfWA91Eaw7fs+fyo76aneSRA5wP73iEx:ZWpEjHcXWG/dW191EaWf2aneSowjFx
Malware Config
Extracted
qakbot
404.909
BB22
1680688614
209.93.207.224:2222
90.93.132.149:2222
109.11.175.42:2222
12.172.173.82:993
86.195.14.72:2222
82.121.195.187:2222
88.122.133.88:32100
86.154.216.221:2222
91.82.133.190:443
197.3.198.241:443
70.112.206.5:443
12.172.173.82:50001
103.123.223.141:443
103.141.50.102:995
201.244.108.183:995
183.87.163.165:443
76.178.148.107:2222
96.87.28.170:2222
76.80.180.154:993
92.189.214.236:2222
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
cf25ce66f5db866bd72701d69807ef12924b38dd96b3b9b9975dcd68477c5ed5
-
Size
590KB
-
MD5
9b1788208196840b9b4623c39dcdb94f
-
SHA1
60062e2fa57429e8c7285c56045b1f792935bcab
-
SHA256
cf25ce66f5db866bd72701d69807ef12924b38dd96b3b9b9975dcd68477c5ed5
-
SHA512
9663ea75e18da85681bb14919404479e7c1e6a760a086121fb70a6fbbd537749b7ee0a22c52c1449e51566b64006ec234d565ad658b21f6c1a4c877f936b719c
-
SSDEEP
6144:k/ZzllHDjygb7kZJUP9SDTOq3WlrQQurP/o2SiN5ryK9T+gZw/NCxeczYjlDtKK8:+HDjygXeIBrbYXPCd/NyYxRGu5DO
Score10/10-
Qakbot/Qbot
Qbot or Qakbot is a sophisticated worm with banking capabilities.
-