Overview

overview

10

Static

static

0df2454118...55.dll

windows7_x64

10

0df2454118...55.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0df2454118e456768e7f1f3ddf5df8ecaba692ed0d46c1a22b76c95ab5853d55

  • Size

    1021KB

  • Sample

    210224-hcqjmh5exs

  • MD5

    c4937efde639aebb1dd44f39b4fd7e86

  • SHA1

    5ec55bee8a19ca6436ac13518ef5e3755a8b50e4

  • SHA256

    0df2454118e456768e7f1f3ddf5df8ecaba692ed0d46c1a22b76c95ab5853d55

  • SHA512

    16451b7a3aa1c9ed7b87d4164c34384557480582fe79fd9f7ab3a6e9761ead39d68d3ffd362c6d30c9efb6655ba33d708672a7d1eaa2e2836fd23a5efde147a3

Score
10/10
qakbotabc1231612349986bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Botnet

abc123

Campaign

1612349986

C2

222.154.253.111:995

50.244.112.106:443

83.110.108.181:2222

105.198.236.99:443

74.77.162.33:443

106.250.150.98:443

196.151.252.84:443

45.118.216.157:443

140.82.49.12:443

80.11.173.82:8443

71.88.193.17:443

68.186.192.69:443

46.153.119.255:995

81.214.126.173:2222

108.31.15.10:995

197.45.110.165:995

81.88.254.62:443

86.97.8.249:443

202.187.58.21:443

41.39.134.183:443

Targets

    • Target

      0df2454118e456768e7f1f3ddf5df8ecaba692ed0d46c1a22b76c95ab5853d55

    • Size

      1021KB

    • MD5

      c4937efde639aebb1dd44f39b4fd7e86

    • SHA1

      5ec55bee8a19ca6436ac13518ef5e3755a8b50e4

    • SHA256

      0df2454118e456768e7f1f3ddf5df8ecaba692ed0d46c1a22b76c95ab5853d55

    • SHA512

      16451b7a3aa1c9ed7b87d4164c34384557480582fe79fd9f7ab3a6e9761ead39d68d3ffd362c6d30c9efb6655ba33d708672a7d1eaa2e2836fd23a5efde147a3

    Score
    10/10
    qakbotabc1231612349986bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks