MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 38cc60d96d146e02f46fe3102ecc61111b2e06258c0a1d8a44989d19e71be06b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Quakbot

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	38cc60d96d146e02f46fe3102ecc61111b2e06258c0a1d8a44989d19e71be06b
SHA3-384 hash:	d0fd4f180e7bf7d9133373926316e1f996b66c82073ae343cddaa0254b73806fbcef04bfe03777b698cdf8cc951687fe
SHA1 hash:	73300cf7a616a05e175ae4be611595f07a59a98f
MD5 hash:	9eff66dd9b4af8d717b391f2480f0685
humanhash:	hamper-wyoming-april-dakota
File name:	XS.vbs
Download:	download sample
Signature	Quakbot Create hunting rule
File size:	9'544 bytes
First seen:	2022-11-22 16:23:19 UTC
Last seen:	Never
File type:	vbs
MIME type:	text/plain
ssdeep	192:NeSjpUorcl/E4hp3aD/OCMhiEe1mUS1G0vdzgW20fkbsgTbpQt:A4pnrcpE4hpPCMhidmnGm80jWb4
TLSH	T12B124B9B3C02389D01B756F3E65E14BED80A2DF7489254791C5DF8700D187EA3D1D997
Reporter	pr0xylife
Tags:	1669024152 BB07 Qakbot Quakbot vbs

Intelligence

File Origin

# of uploads :

1

# of downloads :

221

Origin country :

RU

Vendor Threat Intelligence

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/337298/

Verdict:

Suspicious

Threat level:

5/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/637cf7a49c57db591d88be4e/reports/8abf14a3-c533-4ae7-96d3-636b69993f33/overview

Result

Verdict:

UNKNOWN

Details

Base64 Encoded URL

Detected an ANSI or UNICODE http:// or https:// base64 encoded URL prefix.

Result

Threat name:

Unknown

Detection:

suspicious

Classification:

n/a

Score:

21 / 100

Link:

https://www.joesandbox.com/analysis/1119074

Signature

Potential malicious VBS script found (suspicious strings)

Behaviour

Behavior Graph:

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/38cc60d96d146e02f46fe3102ecc61111b2e06258c0a1d8a44989d19e71be06b/

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=hdggbwlncrxaf5dp4mic5tdbcens4brfrqfb3csetcortzy34bvq._file

Verdict:

unknown

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/221122-twcr3sdd6x/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/38cc60d96d146e02f46fe3102ecc61111b2e06258c0a1d8a44989d19e71be06b

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape

Cape

https://www.capesandbox.com/analysis/337298/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample