mrch.gif

General

Target: mrch.gif
Size: 424KB
Sample: 210302-y9rqfzcq5x
Score: 10/10
MD5: 97e6abcad2140619ff150d6253f62b8f
SHA1: 0762a2db618f5dcc403139b671222aecb7c4aaf1
SHA256: 24753d9f0d691b6d582da3e301b98f75abbdb5382bb871ee00713c5029c56d44
SHA512: 54d55de10d22086a0d77cad5b833ceee0b1bcd62062e56c0af5deaa64b0bbc84f45ac47905b833967b611a3e41eeb7f5ccc437619648cf69f8f1f04d50faaf08

Malware Config

Extracted

Family: qakbot
Botnet: tr
Campaign: 1614598087
C2

Signatures

  • Qakbot/Qbot: Qbot or Qakbot is a sophisticated worm with banking capabilities.

  • Loads dropped DLL
