eedf890068b1d6cc499b85b7c76da1df4393895299ae93f05fa3d8e0db7a8975 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-10_e1d4540dbb64d19f7a67a170df679e12_magniber_qakbot
Size

1.7MB
Sample

241010-gcxxpavamp
MD5

e1d4540dbb64d19f7a67a170df679e12
SHA1

63d5e58a360c9435cd9a2184912a34ff3231b67d
SHA256

eedf890068b1d6cc499b85b7c76da1df4393895299ae93f05fa3d8e0db7a8975
SHA512

70269aee22cab2b5a8658652cc75980dfb269d53dc2ad3a8804692cf93bd7406beaf222e0e3f2cc30ca27891417fd9314962247644fa9881eb64b28098dbb3f0
SSDEEP

24576:6WgTAHbMnTFNVk+iGEQnukBES4RqLlbp64k+oWcm4bnTrqv1Pjn:6WgebMn9TugaRwpNBsTY

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  2024-10-10_e1d4540dbb64d19f7a67a170df679e12_magniber_qakbot
- Size
  
  1.7MB
- MD5
  
  e1d4540dbb64d19f7a67a170df679e12
- SHA1
  
  63d5e58a360c9435cd9a2184912a34ff3231b67d
- SHA256
  
  eedf890068b1d6cc499b85b7c76da1df4393895299ae93f05fa3d8e0db7a8975
- SHA512
  
  70269aee22cab2b5a8658652cc75980dfb269d53dc2ad3a8804692cf93bd7406beaf222e0e3f2cc30ca27891417fd9314962247644fa9881eb64b28098dbb3f0
- SSDEEP
  
  24576:6WgTAHbMnTFNVk+iGEQnukBES4RqLlbp64k+oWcm4bnTrqv1Pjn:6WgebMn9TugaRwpNBsTY
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2