General

  • Target

    44368.5879607639.dat

  • Size

    733KB

  • Sample

    210621-bazmbfsj4j

  • MD5

    5423261939d21619fa15f6e21368feda

  • SHA1

    09c642c450df41aba28c61b895b8b037223ae70a

  • SHA256

    30c2b92139a3a1241ba843b4124050883eee5633811cd79af428b3569400f8e5

  • SHA512

    2faef188a814a3a770990862c1c8ffe382f64f827a27fd9a4017a20f81c6416697acd212982d2c2f7d2a118508b94a2f34fbd4b5eab698f1b3c869c61f7cf76a

Malware Config

Extracted

  • Family

    qakbot

  • Version

    402.115

  • Botnet

    obama61

  • Campaign

    1623917498

  • C2

MITRE ATT&CK Matrix (ATT&CK v6)

  • Execution

    Scheduled Task (T1053): 1

  • Persistence

    Scheduled Task (T1053): 1

  • Privilege Escalation

    Scheduled Task (T1053): 1

Tasks