Overview

overview

10

Static

static

hnhkji2.html.dll

windows7_x64

10

hnhkji2.html.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    hnhkji2.html

  • Size

    652KB

  • Sample

    211018-1t2rrafhdk

  • MD5

    8f1df16125397b8024cdd1adad75f998

  • SHA1

    74c5ab18c21484ebeeba751289454f0f21dc0420

  • SHA256

    c7d52b2b2ab0b82548e152608014f1d9a295e604152f44623c18eaf0b134ab74

  • SHA512

    302ee5fa0e68a7718024a4262b98b1236aa3c86b9fd950ea41ded5810f1c463928f3030346407a4afbf13849cec11400825886f6e96b010fb953b5ea0e2c1dad

Score
10/10
qakbottr1634541613bankerevasionstealertrojan

Malware Config

Extracted

Family

qakbot

Version

402.363

Botnet

tr

Campaign

1634541613

C2

120.150.218.241:995

24.119.214.7:443

103.143.8.71:443

81.241.252.59:2078

81.250.153.227:2222

174.54.193.186:443

73.52.50.32:443

39.49.122.240:995

86.220.112.26:2222

103.82.211.39:465

78.191.38.33:995

216.201.162.158:443

181.118.183.94:443

66.177.215.152:0

208.78.220.143:443

94.200.181.154:443

136.232.34.70:443

136.143.11.232:443

81.213.59.22:443

103.82.211.39:990
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      hnhkji2.html

    • Size

      652KB

    • MD5

      8f1df16125397b8024cdd1adad75f998

    • SHA1

      74c5ab18c21484ebeeba751289454f0f21dc0420

    • SHA256

      c7d52b2b2ab0b82548e152608014f1d9a295e604152f44623c18eaf0b134ab74

    • SHA512

      302ee5fa0e68a7718024a4262b98b1236aa3c86b9fd950ea41ded5810f1c463928f3030346407a4afbf13849cec11400825886f6e96b010fb953b5ea0e2c1dad

    Score
    10/10
    qakbottr1634541613bankerevasionstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Disabling Security Tools

1
T1089

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks