Overview

overview

10

Static

static

test2.test.dll

windows7_x64

10

test2.test.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    test2.test

  • Size

    1.0MB

  • Sample

    211005-q892kahhc6

  • MD5

    02f53c52811ab112fc110e817a772c1c

  • SHA1

    f4c9cc40472799c03f80069b97ac0485f76e72c1

  • SHA256

    f1263a039c93f88f4e308f6e17d7863ceb9b48a939357726c152937503dc5b69

  • SHA512

    f195e0ea64b0c09148e0009a4bd60ba53dc777e00fce9790afc8b5236e036a19092265314ac6aaec858312c6744a8397fcfc8bbc50e173e76229528af6aa540f

Score
10/10
qakbottr1633334141bankerevasionstealertrojan

Malware Config

Extracted

Family

qakbot

Version

402.363

Botnet

tr

Campaign

1633334141

C2

75.75.179.226:443

185.250.148.74:443

122.11.220.212:2222

120.150.218.241:995

103.148.120.144:443

140.82.49.12:443

40.131.140.155:995

206.47.134.234:2222

73.230.205.91:443

190.198.206.189:2222

103.157.122.198:995

81.250.153.227:2222

167.248.100.227:443

96.57.188.174:2078

217.17.56.163:2222

217.17.56.163:2078

41.228.22.180:443

136.232.34.70:443

68.186.192.69:443

167.248.111.245:443

Targets

    • Target

      test2.test

    • Size

      1.0MB

    • MD5

      02f53c52811ab112fc110e817a772c1c

    • SHA1

      f4c9cc40472799c03f80069b97ac0485f76e72c1

    • SHA256

      f1263a039c93f88f4e308f6e17d7863ceb9b48a939357726c152937503dc5b69

    • SHA512

      f195e0ea64b0c09148e0009a4bd60ba53dc777e00fce9790afc8b5236e036a19092265314ac6aaec858312c6744a8397fcfc8bbc50e173e76229528af6aa540f

    Score
    10/10
    qakbottr1633334141bankerevasionstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Disabling Security Tools

1
T1089

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks