General

  • Target

    doc_pack-244742780.xlsb

  • Size

    24KB

  • Sample

    201029-qzhcxhz1ex

  • MD5

    9a4acb9e5f1683db4f92c33d5ff69a73

  • SHA1

    24a146a2b8b2bf24543c4aa068348601c4e4e557

  • SHA256

    00b696d2239f03161c4cec14b3bc89ba588e67310988aed263795621a65c4436

  • SHA512

    a4c918b603397a45b4d748f535add32a2c202c96bae97553ab89aee9b6fbbaeca3f96ed80ecc403e5a1086e2b6070e6bebbc8e6d4975404288a2a064dd249894

Malware Config

Extracted

Family

qakbot

Botnet

tr01

Campaign

1603793855

C2

Targets

MITRE ATT&CK Enterprise v6

Tasks