b5b4.exe

Target

b5b4.exe

Size

684KB

Sample

191216-2se5jb3s4x

Score

10 ^/10

MD5

d2399ff437e5106ea2af89a0125c6866

SHA1

07977968e44bf117673443a6ebfaa5f69929a6df

SHA256

b5b4b488a0a8f8ad6c5a738c2bc7dcbd7c198005d6adf2297b6f482b748440f6

SHA512

f72eb5ecf5c7579351772c1105ffb276e7896b763b8fe3b06a0df80d891cc3b6b107646aebcb64cd758a2dd1b049afd0b6f06059291a6ecf69899205f7f90442

Extracted

Family	qakbot
Campaign	1576221125
C2	72.187.35.131:443 188.61.134.98:2222 47.153.115.154:995 75.130.117.134:443 174.131.181.120:995 24.32.119.146:443 184.101.230.153:443 70.124.29.226:443 47.227.198.155:443 12.176.32.146:443 172.89.144.89:995 66.214.75.176:443 99.228.5.106:443 98.237.120.65:995 206.51.202.106:50002 50.247.230.33:995 96.37.137.42:443 73.226.220.56:443 70.164.39.91:443 104.152.16.45:995 24.184.6.58:2222 201.152.199.156:995 72.183.255.148:443 5.182.39.156:443 72.16.212.107:465 162.244.224.166:443 63.230.17.215:995 75.131.72.82:995 67.10.18.112:993 75.131.72.82:443 196.194.66.31:2222 197.82.208.68:995 181.126.80.118:443 67.214.21.207:443 32.208.1.239:8443 72.47.115.182:443 47.40.244.237:443 173.31.178.20:443 2.187.66.157:995 66.169.209.201:443 181.197.195.138:995 201.188.10.16:443 67.246.180.90:443 74.134.35.54:443 70.174.21.130:443 207.178.109.161:443 75.182.214.87:443 24.189.222.222:2222 104.34.186.27:995 23.240.185.215:443 107.144.199.177:443 138.122.5.214:443 69.21.112.118:2222 67.160.63.127:443 96.227.138.53:443 184.167.2.251:2222 50.78.93.74:995 71.77.231.251:443 73.179.178.78:443 68.134.181.98:443 117.204.227.13:995 108.46.22.47:443 67.190.189.217:443 73.200.219.143:443 62.47.252.79:993 173.81.22.235:443 74.33.70.219:443 111.125.70.30:2222 73.104.218.229:0 68.100.248.78:443 123.252.128.47:443 100.38.123.22:443 98.148.177.77:443 108.55.23.221:443 72.29.181.77:2078 90.91.93.28:2222 75.81.25.223:995 75.110.250.89:443 184.180.157.203:2222 162.244.225.30:443 104.235.114.14:443 2.50.157.249:443 187.163.139.94:993 68.49.120.179:443 47.214.144.253:443 97.93.211.17:443 76.101.26.55:443 24.196.158.28:443 45.45.105.94:995 71.30.56.170:443 174.48.72.160:443 75.70.218.193:443 12.5.37.3:995 108.227.161.27:443 75.131.239.76:995 67.246.16.250:995 166.62.180.194:2078 72.224.159.224:2222 173.3.132.17:995 24.229.245.124:995 45.45.105.94:443 67.223.197.156:443 72.218.167.183:443 108.27.217.44:443 64.33.68.198:443 108.160.123.244:443 184.191.62.78:443 192.40.225.168:443 74.71.216.1:443 65.30.12.240:443 24.202.42.48:2222 107.12.140.181:443 75.170.56.34:995 74.194.4.181:443 96.35.170.82:2222 173.172.205.216:443 24.201.79.208:2078 107.12.131.249:443 98.121.187.78:443 68.39.177.147:995 68.83.59.107:443 122.164.142.91:443 100.4.185.8:443 70.120.151.69:443 173.22.120.11:2222 12.5.37.3:443 64.250.55.239:443 98.252.150.180:443 72.211.97.57:443 47.146.169.85:443 71.226.140.73:443 104.3.91.20:995 207.162.184.228:443 173.61.231.209:443 116.58.100.130:443 176.205.63.149:995 64.19.74.29:995 172.242.9.118:995 70.177.25.99:443 208.126.142.17:443 47.23.101.26:465 184.74.101.234:995 97.122.229.88:993 174.82.131.155:995 172.78.87.180:995 108.45.183.59:443 68.174.15.223:443 73.137.187.150:443 68.238.56.27:443 181.135.235.70:443 72.187.35.131:443 188.61.134.98:2222 47.153.115.154:995 75.130.117.134:443 174.131.181.120:995 24.32.119.146:443 184.101.230.153:443 70.124.29.226:443 47.227.198.155:443 12.176.32.146:443 172.89.144.89:995 66.214.75.176:443 99.228.5.106:443 98.237.120.65:995 206.51.202.106:50002 50.247.230.33:995 96.37.137.42:443 73.226.220.56:443 70.164.39.91:443 104.152.16.45:995 24.184.6.58:2222 201.152.199.156:995 72.183.255.148:443 5.182.39.156:443 72.16.212.107:465 162.244.224.166:443 63.230.17.215:995 75.131.72.82:995 67.10.18.112:993 75.131.72.82:443 196.194.66.31:2222 197.82.208.68:995 181.126.80.118:443 67.214.21.207:443 32.208.1.239:8443 72.47.115.182:443 47.40.244.237:443 173.31.178.20:443 2.187.66.157:995 66.169.209.201:443 181.197.195.138:995 201.188.10.16:443 67.246.180.90:443 74.134.35.54:443 70.174.21.130:443 207.178.109.161:443 75.182.214.87:443 24.189.222.222:2222 104.34.186.27:995 23.240.185.215:443 107.144.199.177:443 138.122.5.214:443 69.21.112.118:2222 67.160.63.127:443 96.227.138.53:443 184.167.2.251:2222 50.78.93.74:995 71.77.231.251:443 73.179.178.78:443 68.134.181.98:443 117.204.227.13:995 108.46.22.47:443 67.190.189.217:443 73.200.219.143:443 62.47.252.79:993 173.81.22.235:443 74.33.70.219:443 111.125.70.30:2222 73.104.218.229:0 68.100.248.78:443 123.252.128.47:443 100.38.123.22:443 98.148.177.77:443 108.55.23.221:443 72.29.181.77:2078 90.91.93.28:2222 75.81.25.223:995 75.110.250.89:443 184.180.157.203:2222 162.244.225.30:443 104.235.114.14:443 2.50.157.249:443 187.163.139.94:993 68.49.120.179:443 47.214.144.253:443 97.93.211.17:443 76.101.26.55:443 24.196.158.28:443 45.45.105.94:995 71.30.56.170:443 174.48.72.160:443 75.70.218.193:443 12.5.37.3:995 108.227.161.27:443 75.131.239.76:995 67.246.16.250:995 166.62.180.194:2078 72.224.159.224:2222 173.3.132.17:995 24.229.245.124:995 45.45.105.94:443 67.223.197.156:443 72.218.167.183:443 108.27.217.44:443 64.33.68.198:443 108.160.123.244:443 184.191.62.78:443 192.40.225.168:443 74.71.216.1:443 65.30.12.240:443 24.202.42.48:2222 107.12.140.181:443 75.170.56.34:995 74.194.4.181:443 96.35.170.82:2222 173.172.205.216:443 24.201.79.208:2078 107.12.131.249:443 98.121.187.78:443 68.39.177.147:995 68.83.59.107:443 122.164.142.91:443 100.4.185.8:443 70.120.151.69:443 173.22.120.11:2222 12.5.37.3:443 64.250.55.239:443 98.252.150.180:443 72.211.97.57:443 47.146.169.85:443 71.226.140.73:443 104.3.91.20:995 207.162.184.228:443 173.61.231.209:443 116.58.100.130:443 176.205.63.149:995 64.19.74.29:995 172.242.9.118:995 70.177.25.99:443 208.126.142.17:443 47.23.101.26:465 184.74.101.234:995 97.122.229.88:993 174.82.131.155:995 172.78.87.180:995 108.45.183.59:443 68.174.15.223:443 73.137.187.150:443 68.238.56.27:443 181.135.235.70:443

Target

b5b4.exe

MD5

d2399ff437e5106ea2af89a0125c6866

Filesize

684KB

Score

10 ^/10

SHA1

07977968e44bf117673443a6ebfaa5f69929a6df

SHA256

b5b4b488a0a8f8ad6c5a738c2bc7dcbd7c198005d6adf2297b6f482b748440f6

SHA512

f72eb5ecf5c7579351772c1105ffb276e7896b763b8fe3b06a0df80d891cc3b6b107646aebcb64cd758a2dd1b049afd0b6f06059291a6ecf69899205f7f90442

Related Tasks

task1 task2

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

task1

trojan evasion spreading persistence family qakbot

10^/10

task2

trojan evasion spreading persistence family qakbot

10^/10

Extracted

Tags

Related Tasks

task1

task2