General
-
Target
qalam200.rar
-
Size
3.0MB
-
Sample
240122-pl1c6sfhg9
-
MD5
fa2ae3e24dd76aaa00357873ddad59a3
-
SHA1
70fb9725f0263cb5a498939bf3795fc66ce3e50b
-
SHA256
bd2d64fc97325bdc1a6cf92e7684854da8eaf28756696e91a4998fc87e1353f0
-
SHA512
8fbaa4919bc5d00a38c9e045edbf0d5b04eef1a51176cc7c49bb1f0b1473ac5f518cc3ffcba386e3afc56ae122c35dd67221d1d8dbfe8a63309a1ece1c598f9c
-
SSDEEP
49152:6+/3e+UeoGNIBonpRQvwW808HatKWunW8KWRzeOK5NxA0I9Y+pCPuTkpSszjcKi:6+Pe+UaIQpiwe88h6FVQCh9LcKkIaI
Malware Config
Targets
-
-
Target
WPLOCKER.COM.url
-
Size
115B
-
MD5
f1f9acbce5825c1e509504a1c596dca1
-
SHA1
bac324a13ed96370a1a70fdc538fa50e3392676a
-
SHA256
197eb5ee20d31cc5110d8467dfd9e8546761cd41d2128c49cfc49e863532fcea
-
SHA512
2eca34ab7d57357f03f7900773882c64f7cec8c98fa4edbb55d06cb39b5fa98900630878a4fec10caf8416cbf3446a10ea87211c159b71ac682a87d3bda1b752
Score6/10-
Checks whether UAC is enabled
-
-
-
Target
qalam/assets/js/html5.js
-
Size
10KB
-
MD5
5ee990907b315027da600eeeaee2e04b
-
SHA1
a5767b8325822da1212f702e79aea069747e4747
-
SHA256
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
-
SHA512
18050136fa0818373b42c9f60f3c0baafc1b17af9231858fd20ae54a70fb9ec2aad9bc32dc914c3d99ccf2dd63b0c1caa0cce2f291cfa4d923da73e22b2e9ab3
-
SSDEEP
192:BbydQcx/vJLQ3oLpr3ep1JKpFe37j88fMUnK97jX5SMBXSG5i9+DxQTQ5pvhXaZM:BbydQk/vJLQ3oFs1JKDe37Y8fMUnK97J
Score1/10 -
-
-
Target
qalam/assets/js/qalam.frontend.js
-
Size
8KB
-
MD5
c4b0bc1cc2116f6ab9af36efdc431900
-
SHA1
53e98974797c28ffa7ca9a5146389d7e6082390f
-
SHA256
2438a4f35683bfe1524abdd7110734cad4f232181da4b49e9981347ea74f0afe
-
SHA512
186d590b4f81cc0454ad27c244909fdb5a185a661de9d9e39df38ca3b32c58d0aa6547314c84efb56f5ca078ba1826d595497ae3197669d73a75acb603f289bd
-
SSDEEP
96:3B+y9W+assJ8e9um+SYTsmVZJdcr6C3eKgOoeYYqUVirVJn:t+N+pYmwXj47d
Score1/10 -
-
-
Target
qalam/assets/webfonts/fa-brands-400.ttf
-
Size
185KB
-
MD5
bb8cd014d7a55672934233c354e1c4a3
-
SHA1
d8b3568e9d8a1d3c01c85520eb9ca0b49b72815d
-
SHA256
003f11541856a649a6c8235c6266c8936224c5d609e51442da24dc5556d14fbf
-
SHA512
b541d7b00823512999e0a2cf87f2c551335c2879bd43a974dfad9a92f7c04d2b3d3bddb4cb723a84ca8385480de426acc0e86b506bd75a567f1a182588deaea7
-
SSDEEP
3072:QKLQq624uZJ6+E02aqPrBG6h5hpUnV2Zf4OhJntJZDwm+G2X7z/:oD24kJ6+E02aqPFfuSf4OBJZD0Gmn/
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
qalam/assets/webfonts/fa-brands-400.woff2
-
Size
107KB
-
MD5
005c9aa92b564b73b7582cc4f1fa49cb
-
SHA1
373361ed756b1fe68ce2f5968d467826b6973bb5
-
SHA256
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
-
SHA512
cf057683226d25fab8518295d9a2bbc7261b85a0e911d323f949719b6484beb99843887ac634e58f21988c5af3b8d825b8289cbfe29b2d4e1817016be1499bba
-
SSDEEP
1536:598+segXMbYt4ZF+jfdgY0q+JtV63kYFF8ChI+2F2aqQPj+QU0yXbO/YvSdE:AeeemxT+kkgeChI+20aqqDhcSK
Score3/10 -
-
-
Target
qalam/assets/webfonts/fa-regular-400.ttf
-
Size
61KB
-
MD5
675809e48e35c47d51c7d6fcc687ee28
-
SHA1
2d7890e12afb77490112ec57fe47ca0688aebda2
-
SHA256
7d81a1a7cc07e1ab196e40496d3f4359e9759f79d8ec883a46675ee69912950b
-
SHA512
bc8076026b53eadb58d99c29d5770b434f3449c4b5c7f309d88b515e30dce623a4073b3756bb8ef2ed014f9647d7256d8a9b126d6385b14d29a94d5c13436a2f
-
SSDEEP
768:4C0nfIqu8uiW3TmbOsvpQG/o1rONx7mKMp/df7Ck2kKUGzssSWI7nGNPG+Wb:4CmXuAW3TmvqGO5f7Ck2kSssSVIo
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
qalam/assets/webfonts/fa-regular-400.woff2
-
Size
23KB
-
MD5
747442fa76f1d9a31f9a54a2e8a4b448
-
SHA1
07fc0ae14bb3187839082aed3bca11dfb1e04524
-
SHA256
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849
-
SHA512
274dbe5bc31c560d2cc2d15afe5485687b2f7dd0ee24ffed99627310ea36a6a3cc1c91e22368f909d056f4faab051838d469e0bfe8a30169b735aca5eb0f402f
-
SSDEEP
384:Ok8mTTNu15tM1xuB9dYY7YRHmOdjzUJsAr4p8Oq7kpPyXBpqrhDRBybCpMuT33SI:OGg15tM1xuBYY7YRHmcjzUJJr4p8Oq7a
Score3/10 -
-
-
Target
qalam/assets/webfonts/fa-solid-900.woff2
-
Size
146KB
-
MD5
d5e647388e2415268b700d3df2e30a0d
-
SHA1
97f0942c6627ddd89fb62170e5cac9a2cbd6c98c
-
SHA256
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
-
SHA512
50b2ffd7537d0424286936cb7ba566004a664f447e4aaac8fa40ceb2850ead6cdb39c957515ae05a07aaeb8f6e3e428c4b95e4efa3edcadc9473e9e200bb47d6
-
SSDEEP
3072:vPtxURbSTtDXSLXe0itudYTPEnus4blfNUqKrC7ZOBS9C3bzlLX4/NKOTD5:P15Die0UPblfNUqLZg9I/Qk5
Score1/10 -
-
-
Target
qalam/includes/bfi_thumb.php
-
Size
27KB
-
MD5
8d753749377b986dbb2d59aa4600bbc1
-
SHA1
e2e89a4086aca00c090436959aeddff3a3d1a62b
-
SHA256
b3c481a044544e2c281490d942bad721fd5aaaacd4f9be9eec9ae1145d25821e
-
SHA512
2280bff32360e03ee9c5dab33bca74d1590768d84e01b00bd06ac3d0cfc74107cd7f1e5cdc8f65bce7ac932c8c6f6a1336097fa1e8f33a866f1e326778f6ea8a
-
SSDEEP
768:0J1CEWbH89xZAQziVOIRjftdAF3OewOQBxXYADqD0A:YVZzziVOIZftdAF+ewOQrIAD69
Score1/10 -
-
-
Target
qalam/includes/class-tgm-plugin-activation.php
-
Size
125KB
-
MD5
a326c29143544581276b9b5f20ea0137
-
SHA1
b7667dcbb7eabdc4164f4ace8ab0ee79ad1b726a
-
SHA256
0aec1ee5ca0a80b31d5b8f5e4fa18bfa6952b5fd6a8da0101616557cff4baad9
-
SHA512
0697d2abdeebfe2899ca16783840b675980cd76fe4f6b68c74a0d3bd4aba61256a537a3067d6e07b5ff55a4ed8434d9126cc96f6305d6929fc905777be1cd6b0
-
SSDEEP
1536:44nUvIN7/waHzx1UIZvuuGrWSoV+axJfBMGZ1uNuaj:zUS1UI5krns/fBMAu8aj
Score1/10 -
-
-
Target
qalam/languages/qalam.pot
-
Size
33KB
-
MD5
8b9aa544fd43bd1af4c306ae04b2645d
-
SHA1
ee35c0f4b56da059b64087f505937ef5c949e2db
-
SHA256
b1fe8519112cad19ea3828e3e49d3d6442e7821151c1119c5f526538f71f1dcf
-
SHA512
d031619cd8595e73613965e05641f6a29769bbb3a3c529f84221cca5fc0829a10de2075fb3210a12148a24826aa87478b6e5fe743b70684b3b41a14304e966f6
-
SSDEEP
192:r3w/5NHl3lSFFlkcUCQZKV++3pBRlZPd/AOFZjm+kLl3oICf9RYCak+pi+j4JA+n:r3wib6BZoVPvZ9IChCpzjmNpyTe
Score1/10 -
-
-
Target
wp-post-modules-el/assets/js/jquery.easing.min.js
-
Size
5KB
-
MD5
c77b4eebe930c9b3acc2b9b0c4d34dfa
-
SHA1
e1a088174c2e503774620f76fafd22edd09eed77
-
SHA256
a2eb0322dec532fa9bf11203ecec38d591d4a30cf3db2f0eb7dbb46bd47596ef
-
SHA512
06ee8e56c4f6763d916b15feeb1304eebd0076a557e1695fbb7408334ad1142dc2c131771cc4908107403723df305556eb606715e985ee2fa4662f9de6ae93b5
-
SSDEEP
96:lUXjgR10OrPJrFJzhOroq3w3znhGDzAeBVwn1mEfruTNSIPXF5nAvWe2Hkq9K0IR:ykIOrPJrLEsq3w3r4DzBHimISTNSgXHu
Score1/10 -
-
-
Target
wp-post-modules-el/assets/js/jquery.marquee.min.js
-
Size
5KB
-
MD5
b7c9c39ed52f0f4e1370d10548926c05
-
SHA1
2d64b188c976ddc3c967475fb075800316bc7a61
-
SHA256
2695e026db2755f4ffa16d54fe7c6180e0b0db05c33c999e04bbf29187297404
-
SHA512
db3389ea0b342ea2187b69a17faa9b55a94b4597c4abfa7d4c3ea94d6edb7c4768b19128fb064799a2463239213d260b539a039cda88e9db9a16068632cf1cdc
-
SSDEEP
96:zc/kEBXJti6c+uoTAeJCnR3QJmhZdovKyeHNqWxd6HfQdvHfDj9xHfPmz3M:zc/kEBHn6HhLovzetqWL6YlLDmA
Score1/10 -
-
-
Target
wp-post-modules-el/assets/js/owl.carousel.min.js
-
Size
39KB
-
MD5
d4adc7f8ca47190716054f8b2c9ff372
-
SHA1
69711cfdac71efcdeb9287d2559f8985e00655e4
-
SHA256
1a246cc42fe8e73cb4effeec4dab08f6886efffc460a4af56bca82796f1b5aef
-
SHA512
b55d63efc6979ab998cc62033ed2adadf9af28013ba361973c13b4c0868236fa08112fce6d901dc0e000f788492e56c3865e7b5c7a2ec104dff0641137a99f8d
-
SSDEEP
768:MCcOAI6+gyfJ78tKOGOrnepjMzZG+uluJe+KSzVc79ThcGP:1cORlJ78m2cw8
Score1/10 -
-
-
Target
wp-post-modules-el/assets/js/wppm-el.frontend.js
-
Size
13KB
-
MD5
d492a1457aef7a82c26d427610b67187
-
SHA1
99e728d484984f309a1f34a18ac39f0d6199fe4d
-
SHA256
e445a313bd82b7efa4e53e288118a69dc0abc4d7390c4f600707dcaaf4fb07ef
-
SHA512
4d00222e01248023662eabcdeaa78698d71188665291209f6d333ac88e7b8f239af9ad7e4f175677d3b697c1abbabb97f1b6567fedb2bb523070eefc0272ed9b
-
SSDEEP
192:04ukQ1MVDFW9tpDXJvvDXCfbSDXqbNnDLDDXBsP:04zkxX1XPXEvXBsP
Score1/10 -
-
-
Target
wp-post-modules-el/assets/js/wppm-el.frontend.min.js
-
Size
5KB
-
MD5
f1bfa148e899ed83a9ad84d7ee2f7fd6
-
SHA1
aca86d34f6ede64bf828a74db2a479421c50d679
-
SHA256
0a19f445b5baf9e99e2f425787bef924575cd83e468ecf5ec3701ddf6489754a
-
SHA512
5534825d212285df973c507933697de27a24744141af81d7fe96498b4f7c059f4ea2bc8ab0c9eb3fdf4065e26e67b1647ee51cd19fca9eb9781bbf4ff15afb10
-
SSDEEP
96:uVrofiQTDgvoQDBgZBFDDBBFpwpA79uSnDBBFiQz4nDBBFfzz/X88Ct7pDBBFXt3:sr6MoQDB4FDDBBFpF79u8DBBFi5DBBFw
Score1/10 -