Overview

overview

10

Static

static

b12073d6fb...a4.dll

windows7_x64

10

b12073d6fb...a4.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b12073d6fb10eaa5c2d201c069693f72a45f53df4239ef34d5e4608a084603a4

  • Size

    1.3MB

  • Sample

    210416-ss39q71mle

  • MD5

    35f41510137c3c35eab54c7d9ed2359f

  • SHA1

    9831a1e630da06dfd45b6784ae45aaa3a8b383fa

  • SHA256

    b12073d6fb10eaa5c2d201c069693f72a45f53df4239ef34d5e4608a084603a4

  • SHA512

    aef54b6618e9dedc8646e9803e3872b74173922450aa517cccd7d45a20bd5234d622fbf62725db0fbca0b848dcd4f53be839231a78fd99ce0a16ffdaa14a870b

Score
10/10
qakbotclinton041618322109bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Botnet

clinton04

Campaign

1618322109

C2

75.137.47.174:443

140.82.49.12:443

151.205.102.42:443

24.226.156.153:443

24.43.22.221:993

216.201.162.158:443

76.25.142.196:443

149.28.99.97:995

149.28.101.90:2222

207.246.116.237:8443

149.28.99.97:443

45.63.107.192:2222

45.32.211.207:2222

149.28.101.90:443

45.77.117.108:995

207.246.77.75:443

207.246.77.75:8443

149.28.98.196:2222

45.32.211.207:995

45.32.211.207:443

Targets

    • Target

      b12073d6fb10eaa5c2d201c069693f72a45f53df4239ef34d5e4608a084603a4

    • Size

      1.3MB

    • MD5

      35f41510137c3c35eab54c7d9ed2359f

    • SHA1

      9831a1e630da06dfd45b6784ae45aaa3a8b383fa

    • SHA256

      b12073d6fb10eaa5c2d201c069693f72a45f53df4239ef34d5e4608a084603a4

    • SHA512

      aef54b6618e9dedc8646e9803e3872b74173922450aa517cccd7d45a20bd5234d622fbf62725db0fbca0b848dcd4f53be839231a78fd99ce0a16ffdaa14a870b

    Score
    10/10
    qakbotclinton041618322109bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks