55555555555.bin

General
Target 55555555555.bin
Size 2MB
Sample 210130-36gw5jdkmj
Score 10/10
MD5 c300a4f9d885116a4ebf30250dbda77e
SHA1 921406e91672941b4931b943f4ca8607c929319a
SHA256 0cfd289b41e1849b6678823574bab07b730094bcbab4577ece3e96febe84d4d4
SHA512 fa86df57e987eaf683c212be4357ffc61a021a937457ae13bb32c7816e3eac6f20e77488cd509cb36cba0f601d26b80a57de8be173a34edf496ab3ea6e446dcb

Malware Config

Extracted

Family qakbot
Botnet abc114
Campaign 1608129413
C2


Targets
Target

55555555555.bin

Signatures

  • Qakbot/Qbot

    Description

    Qbot or Qakbot is a sophisticated worm with banking capabilities.

  • Loads dropped DLL

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation