General
-
Target
lhuft.exe
-
Size
717KB
-
Sample
200109-pvvhk66ab2
-
MD5
fb95f25c5c1b96f226c78f614509f1f7
-
SHA1
e43db8ac3015dd16a9a74eed6642b9b85dfd1c92
-
SHA256
7f90029d8bb4d49d1001a65f4d139f1a2b630b420e5caf4315e5d3da43d603b2
-
SHA512
ae1c4c93dc5ad50a9a3d7a5d70ef3ab405f8f6b936b56324034329318699124c746a6440fdd61f1df4531e86fc67f4f243e772fc2df7f70947eca6f1d7fecfe2
Task
task1
Sample
lhuft.exe
Resource
win7v191014
Malware Config
Extracted
qakbot
1577715876
Targets
Executes dropped EXE
-
Turn off Windows Defender SpyNet reporting
-
Loads dropped DLL
-
Adds Run entry to start application
-