General

  • Target

    423323 (1).jpg

  • Size

    1.5MB

  • Sample

    210118-vqn1lctqpe

  • MD5

    1f2f24719b0844a83c1166b12a5d2e48

  • SHA1

    1c80b70945ad6017075a2fc67028e42658ede2d7

  • SHA256

    1cd745e315af3cbd5c407535ed09952f3584c0279e84d650cc1c958cceffb85e

  • SHA512

    ffe4c6d66b07e20ec82cfba6a8e3ee74a9a1af831dfcb2609449bb92e2de408a117cfb374f41083b5ebf5b17c53c684b02defff3e904d20dcbbcbbdbcdef7776

Malware Config

Extracted

Family

qakbot

Botnet

abc117

Campaign

1608747966

C2

MITRE ATT&CK Matrix ATT&CK v6

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Tasks