Overview

overview

10

Static

static

44477.7182787037.dll

windows7_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    44477.7182787037.dll

  • Size

    820KB

  • Sample

    211008-trrenseff7

  • MD5

    64cf2215e86fdaad2a4f7cd9ed4d5f7a

  • SHA1

    dc110ae81ab175cee2cf663e5596783f299a4a85

  • SHA256

    6701e89b161bec144d1a4cd72b9190f9bc29ffb0a8c48edb25b46fa74c115ecd

  • SHA512

    25a533cd520f7567f87c69b7f1a85da4ef05a5109592673d8646885bcee8a9c2fae6d9a6073830efd3aaddb0c19262f375a7a6ca8f6ed8f4455c35f66706aecb

Score
10/10
qakbotobama1121633682302bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

402.363

Botnet

obama112

Campaign

1633682302

C2

98.157.235.126:443

124.123.42.115:2222

185.250.148.74:443

73.77.87.137:443

188.50.169.158:443

216.201.162.158:443

174.54.193.186:443

27.223.92.142:995

220.255.25.28:2222

103.142.10.177:443

2.222.167.138:443

66.177.215.152:0

122.11.220.212:2222

85.109.229.54:995

140.82.49.12:443

199.27.127.129:443

209.50.20.255:443

73.230.205.91:443

200.232.214.222:995

81.241.252.59:2078

Targets

    • Target

      44477.7182787037.dll

    • Size

      820KB

    • MD5

      64cf2215e86fdaad2a4f7cd9ed4d5f7a

    • SHA1

      dc110ae81ab175cee2cf663e5596783f299a4a85

    • SHA256

      6701e89b161bec144d1a4cd72b9190f9bc29ffb0a8c48edb25b46fa74c115ecd

    • SHA512

      25a533cd520f7567f87c69b7f1a85da4ef05a5109592673d8646885bcee8a9c2fae6d9a6073830efd3aaddb0c19262f375a7a6ca8f6ed8f4455c35f66706aecb

    Score
    10/10
    qakbotobama1121633682302bankerstealertrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks