General
Target: 1myPtKM47.exe
Size: 843KB
Sample: 200110-1r4anj6et2
MD5: 8d5f0f08155f786c4497f40d2340074a
SHA1: 14840d453853952849132892d00bbe0a6519662e
SHA256: 4d92741dad73892e574cb0b783929d1b7ffe61eae0ee62cd37f96d96675ced81
SHA512: 55f73fb41d3322f1b9f33f0fbff26e54a5c1d62f8024ebd53a71e1c414d21e67a4a6f31323e13a2892b2b0d6285e90e4d7fcf3af9f23458805ee72d0bee3f4f1
Task: task1
Sample: 1myPtKM47.exe
Resource: win7v191014
Malware Config
Extracted
qakbot
1578386545
Targets
-
-
Target
1myPtKM47.exe
-
Executes dropped EXE
-
Turn off Windows Defender SpyNet reporting
-
Loads dropped DLL
-
Adds Run entry to start application
-