MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7704a800d825109caf7c28429b70573be54239162b66e7d008ea031c7b435672. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence File information 2 Yara 1 Comments

SHA256 hash: 7704a800d825109caf7c28429b70573be54239162b66e7d008ea031c7b435672
SHA1 hash: 90275a84bea8c6131a372e03e7303b4a8425eb47
MD5 hash: 34a663bd91627cdf9fc097ae14c15197
File name:34a663bd91627cdf9fc097ae14c15197.exe
Download: download sample
Signature Quakbot
File size:701'952 bytes
First seen:2020-05-22 10:29:54 UTC
Last seen:2020-05-22 11:46:11 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash 3b506ddfdbd859c984f2285658dac399
ssdeep 12288:jIVIVaOBba7o4OJ7YpuC2Oj2XhXYV4NaM9WKMfFs:jIhOBLNiuC2UO2YaU69
TLSH 56E4F043F16FCBAAECD30036C5AEB5B46612BFF6EA0B90173A80BD6DF4712960419751
Reporter @abuse_ch
Tags:exe Quakbot


Mail intelligence No data
# of uploads 2
# of downloads 30
Origin country FR FR
VirusTotal:Virustotal results 56.94%

Yara Signatures

Rule name:win_qakbot_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:autogenerated rule brought to you by yara-signator

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download


Executable exe 7704a800d825109caf7c28429b70573be54239162b66e7d008ea031c7b435672

(this sample)

Delivery method
Distributed via web download