General

  • Target

    1.dll

  • Size

    742KB

  • Sample

    211022-hv9jwabca9

  • MD5

    a2cd7a6da2ad08288c215beb8e904147

  • SHA1

    b78c5c3f4867eb0b390a5386483f8d9e3d2da182

  • SHA256

    4fe4c604339c619c4ccac70698a13b833351713ef03e72ed89e542964327346f

  • SHA512

    96e97cc450fc34983e08836e7139f4393b04bf0db21a8e7d9999fbba6fa9cd3be49a59f5587886d377229aef9d1bffb078b497e7a99ab0dacd43c41d038b9073

Malware Config

Extracted

Family

qakbot

Version

402.363

Botnet

tr

Campaign

1634541613

C2


Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

MITRE ATT&CK Matrix ATT&CK v6

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Disabling Security Tools

1
T1089

Modify Registry

1
T1112

Tasks