711f31ab27f8b6aeb0531543e8310a0d.dll

General
Target

711f31ab27f8b6aeb0531543e8310a0d.dll

Size

255KB

Sample

201125-fn8l6qafcs

Score
10 /10
MD5

711f31ab27f8b6aeb0531543e8310a0d

SHA1

71ab68867f3a3945158f3183a312aac4bd89bfe2

SHA256

ac6e0692344b93b9f4e147ddac09b597ca51e268d4002174ccaa6982f57eb46e

SHA512

fb9128b16d2cb28101d947f5dc0889ac35bf387c9190137091d3bc8e4b1b8a60751f7a3e5aa0810a72d8a960cb4e442d02af2279d29bae338bdd3dfc00c2fda8

Malware Config

Extracted

Family qakbot
Botnet abc101
Campaign 1606294013
C2

98.115.243.237:443

78.101.21.73:443

185.163.221.77:2222

2.51.246.190:995

2.50.2.11:995

175.137.79.81:443

42.201.228.106:995

185.246.9.69:995

81.133.234.36:2222

24.205.42.241:443

73.239.229.107:995

102.185.58.126:443

173.245.152.231:443

105.101.216.210:443

89.137.195.167:995

174.76.21.134:443

41.238.217.126:6881

47.138.204.19:443

79.166.83.103:2222

92.154.83.96:1194

83.110.111.159:443

203.106.195.67:443

68.225.60.77:995

90.174.217.251:2222

73.166.10.38:995

83.110.226.174:443

109.177.80.59:2222

174.29.203.226:993

122.59.40.31:995

47.22.148.6:443

196.204.207.111:443

105.198.236.99:443

185.105.131.233:443

200.75.136.78:443

2.86.41.23:2222

83.196.50.197:2222

78.96.199.79:443

86.99.134.235:2222

109.106.69.138:2222

59.99.36.38:443

72.204.242.138:443

103.76.160.110:443

59.99.38.33:443

121.58.199.24:443

216.201.162.158:443

173.197.22.90:2222

217.165.2.92:995

83.110.13.182:2222

76.181.122.120:443

94.141.3.242:443

Targets
Target

711f31ab27f8b6aeb0531543e8310a0d.dll

MD5

711f31ab27f8b6aeb0531543e8310a0d

Filesize

255KB

Score
10 /10
SHA1

71ab68867f3a3945158f3183a312aac4bd89bfe2

SHA256

ac6e0692344b93b9f4e147ddac09b597ca51e268d4002174ccaa6982f57eb46e

SHA512

fb9128b16d2cb28101d947f5dc0889ac35bf387c9190137091d3bc8e4b1b8a60751f7a3e5aa0810a72d8a960cb4e442d02af2279d29bae338bdd3dfc00c2fda8

Tags

Signatures

  • Qakbot/Qbot

    Description

    Qbot or Qakbot is a sophisticated worm with banking capabilities.

    Tags

  • Loads dropped DLL

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Execution
            Exfiltration
              Impact
                Initial Access
                  Lateral Movement
                    Persistence
                    Privilege Escalation