General
-
Target
feb042ff4c45047461ea862eaa2cb800N.exe
-
Size
453KB
-
Sample
240829-al3qzatgle
-
MD5
feb042ff4c45047461ea862eaa2cb800
-
SHA1
161d1567f1310168b98012c1433f13f26532e574
-
SHA256
48f69aa10efdcebd13a2aad2289dedd2f3f816f94de45de2ba10ab207121c167
-
SHA512
7df910bd2df3a283378d40b1d44dea9edef2542ef6d69acf0526445084478d4707b7e1a5162b31288501964583c88c46a5ef92cc624e2b438844a568e1570aa0
-
SSDEEP
6144:jrywOE71J8JRO+njE2X2J/7vKsakTixuu8njF/EeBfCFHp:e+1+lFGwuu8njF/EqfCFHp
Malware Config
Extracted
qakbot
402.68
clinton25
1622023384
197.45.110.165:995
24.122.166.173:443
47.22.148.6:443
45.63.107.192:995
149.28.99.97:995
71.187.170.235:443
100.2.123.234:443
96.61.23.88:995
75.67.192.125:443
122.58.117.81:995
136.232.34.70:443
140.82.49.12:443
86.220.62.251:2222
68.186.192.69:443
92.59.35.196:2222
207.246.116.237:8443
207.246.77.75:995
144.202.38.185:995
207.246.77.75:443
207.246.77.75:2222
-
salt
jHxastDcds)oMc=jvh7wdUhxcsdt2
Targets
-
-
Target
feb042ff4c45047461ea862eaa2cb800N.exe
-
Size
453KB
-
MD5
feb042ff4c45047461ea862eaa2cb800
-
SHA1
161d1567f1310168b98012c1433f13f26532e574
-
SHA256
48f69aa10efdcebd13a2aad2289dedd2f3f816f94de45de2ba10ab207121c167
-
SHA512
7df910bd2df3a283378d40b1d44dea9edef2542ef6d69acf0526445084478d4707b7e1a5162b31288501964583c88c46a5ef92cc624e2b438844a568e1570aa0
-
SSDEEP
6144:jrywOE71J8JRO+njE2X2J/7vKsakTixuu8njF/EeBfCFHp:e+1+lFGwuu8njF/EqfCFHp
Score10/10-
Qakbot/Qbot
Qbot or Qakbot is a sophisticated worm with banking capabilities.
-