MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 cbf910885a2c45d24e1d706b5f89174cee4f59a80aa9f35bcb333b9db2c5cb0f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information 2 Yara Comments

SHA256 hash: cbf910885a2c45d24e1d706b5f89174cee4f59a80aa9f35bcb333b9db2c5cb0f
SHA1 hash: 1cb707bd6f0b62722ed5032c33bd8a7c896c458b
MD5 hash: 2e6e56bc07cc7dede6088d07b98519eb
File name:qbot.exe
Download: download sample
Signature n/a
File size:687'104 bytes
First seen:2020-05-22 21:56:34 UTC
Last seen:2020-05-22 22:40:36 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash 121ee380806b1b7dcc90f6f45430faa4
ssdeep 6144:ai8I6NWua+981ga1GmWtLDba7SfL+orPz5ETxX:B/4VaYaoe7STj
TLSH 8AE4F057D8AF9FABFDC3727591AEF8724202DE9DC22BE4631911B068F0A51D30936B41
Reporter @f0wlsec
Tags:Qakbot qbot trojan


Twitter
@f0wlsec
QBot Banking Trojan, Link to Dropper via Malspam -> VBS downloads payload

Intelligence


Mail intelligence No data
# of uploads 2
# of downloads 32
Origin country DE DE
ClamAV SecuriteInfo.com.Trojan.Inject3.40426.12068.26422.UNOFFICIAL
VirusTotal:Virustotal results 28.17%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe cbf910885a2c45d24e1d706b5f89174cee4f59a80aa9f35bcb333b9db2c5cb0f

(this sample)

  
Delivery method
Distributed via web download

Comments