Analysis

  • max time kernel
    31s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    07-06-2023 15:02

General

  • Target

    qbot.dll

  • Size

    458KB

  • MD5

    8c836e7cbb1be6066855c419822a1437

  • SHA1

    6793557ed4c894fd8aa101eacb121b42fcaea3f9

  • SHA256

    c219d1d518dde48b751f44298530fef731cfb1c0abf969a334bda025423ba162

  • SHA512

    2930862c776b03241d0de60c9d6f763d90b163ab1c4e077be93345ad7df5f6d625fff36e3b8580b334ab873740c66a92c7acd1c027f7d7d0854fd4d89bc699f1

  • SSDEEP

    12288:1BBzPfDyNMCLzaf1jhk6rOB4VzW9PXNYL5FHnKaWl5N26tw:lfeNMCn0j5rjI1NO51SI6e

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\qbot.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\qbot.dll,#1
      2⤵
        PID:848

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads