Overview

overview

10

Static

static

c972346b25...6c.dll

windows7_x64

10

c972346b25...6c.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c972346b25a36cb3ddaeb4ede844d18711cbbf8226d74075879e5d8b49b8d46c.dll

  • Size

    2.2MB

  • Sample

    201223-7vz6119se6

  • MD5

    61e8905be3070fa88942c3abdb300394

  • SHA1

    d06b2db986cdf55b282c85381e03da2139ed6454

  • SHA256

    c972346b25a36cb3ddaeb4ede844d18711cbbf8226d74075879e5d8b49b8d46c

  • SHA512

    8442edc5aa6e7485bf35955c31ac1f5566afc76e9dfb6169f65cd7d4072945c241e8ec4889f55197080e51f3917f77d1cd1acb1c7085eb8de7d9f21781a6399a

Score
10/10
qakbottr02s1608638923bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Botnet

tr02s

Campaign

1608638923

C2

41.230.209.182:443

35.134.202.234:443

73.166.10.38:50010

172.87.157.235:3389

24.216.56.6:443

184.179.14.130:22

24.152.219.253:995

67.209.195.198:443

86.98.89.36:2222

47.146.169.85:443

197.135.60.192:443

90.201.21.58:443

81.214.126.173:2222

37.116.152.122:2078

64.225.166.16:2222

187.7.236.197:995

47.196.192.184:443

82.12.157.95:995

2.50.161.6:2222

83.110.213.49:443

Targets

    • Target

      c972346b25a36cb3ddaeb4ede844d18711cbbf8226d74075879e5d8b49b8d46c.dll

    • Size

      2.2MB

    • MD5

      61e8905be3070fa88942c3abdb300394

    • SHA1

      d06b2db986cdf55b282c85381e03da2139ed6454

    • SHA256

      c972346b25a36cb3ddaeb4ede844d18711cbbf8226d74075879e5d8b49b8d46c

    • SHA512

      8442edc5aa6e7485bf35955c31ac1f5566afc76e9dfb6169f65cd7d4072945c241e8ec4889f55197080e51f3917f77d1cd1acb1c7085eb8de7d9f21781a6399a

    Score
    10/10
    qakbottr02s1608638923bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks