General
Target: #Qbot downloader
Size: 126KB
Sample: 210927-xqzanshgg6
MD5: b4b3a2223765ac84c9b1b05dbf7c6503
SHA1: 57bc35cb0c7a9ac6e7fcb5dea5c211fe5eda5fe0
SHA256: 3982ae3e61a6ba86d61bd8f017f6238cc9afeb08b785010d686716e8415b6a36
SHA512: 52b33c60f4f3b1043915fc595aaf1684fe558d82c778a8cb078916daa565f36f12d5fe023ea7611c39f0e2c48bb241eb481b02b2160ba4e97f402c9b75cae500
Static task: static1
Behavioral task: behavioral1
Sample: #Qbot downloader.xls
Resource: win7-en-20210920
Behavioral task: behavioral2
Sample: #Qbot downloader.xls
Resource: win10v20210408
Malware Config
Extracted
http://190.14.37.178/44466.7946528935.dat
http://185.183.96.67/44466.7946528935.dat
http://185.250.148.213/44466.7946528935.dat
Extracted
http://190.14.37.178/44466.8783346065.dat
http://185.183.96.67/44466.8783346065.dat
http://185.250.148.213/44466.8783346065.dat
Targets
Target: #Qbot downloader
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.