General

  • Target

    7ceaaa2ae96ba6400a09c96ae63a472a6b54535833a8eb5a9bba1afa7645c571

  • Size

    673KB

  • Sample

    210504-rw1qr8vl5e

  • MD5

    c8f1fdd8dd3724f89cef6d9ea9ec85fd

  • SHA1

    30d5e006337e17b512ff5ed878cc1beb1664abb0

  • SHA256

    7ceaaa2ae96ba6400a09c96ae63a472a6b54535833a8eb5a9bba1afa7645c571

  • SHA512

    0dce8b7705707318f8c227e9a9fcf363884b20374c05f233217042f1272ca0921ea637ca435de56f618463cf00cd234cc006de47ac62112047425add28ea1a73

Malware Config

Extracted

Family

qakbot

Version

324.141

Botnet

spx125

Campaign

1590138228

C2

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • System Information Discovery (T1082): 2

  • Query Registry (T1012): 1

  • Peripheral Device Discovery (T1120): 1

  • Remote System Discovery (T1018): 1

Tasks