aywhibo.exe.7z

General
Target

aywhibo.exe.7z

Size

238KB

Sample

201125-hek1aycxe6

Score
10/10
MD5

a9c6e926ca85f8ec46f09b019eb53dbc

SHA1

423a3b93d7b1542a1e8115983a3400544bae328e

SHA256

f135cb54cc49b06b0a661d52c50894ea6e42140a5e0316dc721e47c105b4043b

SHA512

4f07588c0850890b15b1d16936858081a05f04aa5af31cd9911779db22f19c00b2eba9553ce4e7bd23670ded2e09c643283a1d5f4fe17687f1f32f355154ed47

Malware Config

Extracted

Family qakbot
Botnet abc023
Campaign 1603362336
C2


Targets
Target

nosto.exe

MD5

c5b92b47eeb6372edb232deae1bf47d7

Filesize

1MB

Score
1/10
SHA1

7034a52f0ebc2fd0b38c130b229902e33a02c5ed

SHA256

6f5801587baf461e5a67f49bc6f4b400a8f458dc223f4d3ec9e2eafd9b062f5f

SHA512

e82535143ad12e85ee58b515c536f43a60c6324b79bfad304ac9f19c77ebb6eabd1604cf5d7fb0b8f7bb557ca2cfa11d564bf1d86063c662f3b124eb9c31f9ce

MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1

behavioral2

1/10