Overview

overview

10

Static

static

output.dll

windows7_x64

10

output.dll

windows10_x64

Resubmissions

12-04-2021 13:42

210412-wmaks43hlj 10

12-04-2021 13:34

210412-k74rvn6b6s 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    output.dll

  • Size

    1.4MB

  • Sample

    210412-wmaks43hlj

  • MD5

    2688406bd73347d21e7ede2a7bbfaeab

  • SHA1

    0df05dc29da8c921ed2db6e0ac725108ce9978e6

  • SHA256

    57c99a4a83e155dd9503fc578670e9dc67aa25811988648c7790f1157c9a5271

  • SHA512

    03fa90508f796a9cad3a6485c54bb98655469ec48f1062977d3e351147295fe79d27a2397ed50ef013d3d98b2014263bcdbd4abe3de8c04d055058f5688c9740

Score
10/10
qakbottr1618225074bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Botnet

tr

Campaign

1618225074

C2

197.45.110.165:995

216.201.162.158:443

71.74.12.34:443

45.63.107.192:2222

149.28.101.90:2222

45.32.211.207:443

45.32.211.207:995

45.32.211.207:8443

45.32.211.207:2222

149.28.99.97:995

149.28.98.196:443

149.28.101.90:443

149.28.101.90:8443

207.246.77.75:2222

207.246.116.237:443

207.246.116.237:995

207.246.116.237:2222

45.77.117.108:995

149.28.99.97:443

45.63.107.192:443

Targets

    • Target

      output.dll

    • Size

      1.4MB

    • MD5

      2688406bd73347d21e7ede2a7bbfaeab

    • SHA1

      0df05dc29da8c921ed2db6e0ac725108ce9978e6

    • SHA256

      57c99a4a83e155dd9503fc578670e9dc67aa25811988648c7790f1157c9a5271

    • SHA512

      03fa90508f796a9cad3a6485c54bb98655469ec48f1062977d3e351147295fe79d27a2397ed50ef013d3d98b2014263bcdbd4abe3de8c04d055058f5688c9740

    Score
    10/10
    qakbottr1618225074bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks