General
-
Target
6a6cb2f1add8817b27b351e9c97fb7067bed9a24038a7a37ece26a7012c6b114
-
Size
260KB
-
Sample
230612-x41ewsea3z
-
MD5
d5916cb2ff52e0411bc80a716b2aa528
-
SHA1
98baa0c511f8595f3a8b28c5ae1d69717b855791
-
SHA256
6a6cb2f1add8817b27b351e9c97fb7067bed9a24038a7a37ece26a7012c6b114
-
SHA512
618ef15305dd64d82e65e81fee659a59313998fab0d493accc122cc6795abbffcf1e31bcb1aff34413706c220777b3834a8f46240e60aca85e8d1d523f990deb
-
SSDEEP
6144:woGZATIJ/rRDAmZ0CI1jp8qTiAS1fW0PBJ+Y:woGGTM/hnZ0VayYv+Y
Malware Config
Extracted
qakbot
404.476
BB20
1679481679
103.111.70.66:995
67.10.2.240:995
78.130.215.67:443
174.4.89.3:443
47.132.248.132:443
92.159.173.52:2222
75.143.236.149:443
80.42.186.99:2222
213.91.235.146:443
73.165.119.20:443
74.92.243.113:50000
12.172.173.82:20
162.248.14.107:443
50.68.204.71:993
92.186.69.229:2222
176.142.207.63:443
109.159.118.229:2222
85.231.105.49:2222
50.68.204.71:443
70.55.67.13:2222
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
6a6cb2f1add8817b27b351e9c97fb7067bed9a24038a7a37ece26a7012c6b114
-
Size
260KB
-
MD5
d5916cb2ff52e0411bc80a716b2aa528
-
SHA1
98baa0c511f8595f3a8b28c5ae1d69717b855791
-
SHA256
6a6cb2f1add8817b27b351e9c97fb7067bed9a24038a7a37ece26a7012c6b114
-
SHA512
618ef15305dd64d82e65e81fee659a59313998fab0d493accc122cc6795abbffcf1e31bcb1aff34413706c220777b3834a8f46240e60aca85e8d1d523f990deb
-
SSDEEP
6144:woGZATIJ/rRDAmZ0CI1jp8qTiAS1fW0PBJ+Y:woGGTM/hnZ0VayYv+Y
Score10/10-
Qakbot/Qbot
Qbot or Qakbot is a sophisticated worm with banking capabilities.
-