General

  • Target

    test2.test

  • Size

    1.5MB

  • Sample

    211018-rvzjcaefgr

  • MD5

    d03ac99c0404b779cfe3c10e1c804581

  • SHA1

    e1e73aa1b7588cd6c3c03e1f108cc66730bdc322

  • SHA256

    b6c7c10b2389872e1c16b8c398bb3192103ec858179ecb04c89ea93633173796

  • SHA512

    45db0a682f46fa5c9ca9e19550429c76b599f5ae2d2cd2c37868741e3b8668c10adccae788db3f81522f43ac415acdde3b74713e97f2c7be40c4077f6b05fa4a

Malware Config

Extracted

  • Family

    qakbot

  • Version

    402.363

  • Botnet

    tr

  • Campaign

    1634541613

  • C2

    120.150.218.241:995
    24.119.214.7:443
    103.143.8.71:443
    81.241.252.59:2078
    81.250.153.227:2222
    174.54.193.186:443
    73.52.50.32:443
    39.49.122.240:995
    86.220.112.26:2222
    103.82.211.39:465
    78.191.38.33:995
    216.201.162.158:443
    181.118.183.94:443
    66.177.215.152:0
    208.78.220.143:443
    94.200.181.154:443
    136.232.34.70:443
    136.143.11.232:443
    81.213.59.22:443
    103.82.211.39:990

  • Attributes

    salt: jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      test2.test

    • Size

      1.5MB

    • MD5

      d03ac99c0404b779cfe3c10e1c804581

    • SHA1

      e1e73aa1b7588cd6c3c03e1f108cc66730bdc322

    • SHA256

      b6c7c10b2389872e1c16b8c398bb3192103ec858179ecb04c89ea93633173796

    • SHA512

      45db0a682f46fa5c9ca9e19550429c76b599f5ae2d2cd2c37868741e3b8668c10adccae788db3f81522f43ac415acdde3b74713e97f2c7be40c4077f6b05fa4a

MITRE ATT&CK Matrix (ATT&CK v6)

  • Execution

    Scheduled Task (T1053): 1

  • Persistence

    Scheduled Task (T1053): 1

  • Privilege Escalation

    Scheduled Task (T1053): 1

  • Defense Evasion

    Disabling Security Tools (T1089): 1

    Modify Registry (T1112): 1

Tasks