General
-
Target
e2bc969424adc97345ac81194d316f58da38621aad3ca7ae27e40a8fae582987
-
Size
545KB
-
Sample
211115-r554waafe6
-
MD5
53510e20efb161d5b71c4ce2800c1a8d
-
SHA1
2268178851d0d0debb9ab457d73af8a5e50af168
-
SHA256
e2bc969424adc97345ac81194d316f58da38621aad3ca7ae27e40a8fae582987
-
SHA512
27f4f030928581d23212e18cfd0b33376677cef43ad5605e124cd80e2102cd1d559bf205ae1693e5e6567a6bd33d00d0e7209e32d503116d8b1594cb78ae69a3
Static task
static1
Behavioral task
behavioral1
Sample
e2bc969424adc97345ac81194d316f58da38621aad3ca7ae27e40a8fae582987.dll
Resource
win7-en-20211104
Malware Config
Extracted
qakbot
402.363
tr
1633597626
120.150.218.241:995
185.250.148.74:443
89.137.52.44:443
66.103.170.104:2222
86.8.177.143:443
216.201.162.158:443
174.54.193.186:443
103.148.120.144:443
188.50.169.158:443
124.123.42.115:2222
140.82.49.12:443
199.27.127.129:443
81.241.252.59:2078
209.142.97.161:995
209.50.20.255:443
73.230.205.91:443
200.232.214.222:995
103.142.10.177:443
2.222.167.138:443
41.228.22.180:443
122.11.220.212:2222
78.191.58.219:995
47.22.148.6:443
74.72.237.54:443
217.17.56.163:465
96.57.188.174:2078
94.200.181.154:443
37.210.152.224:995
201.93.111.2:995
202.134.178.157:443
89.101.97.139:443
73.52.50.32:443
188.55.235.110:995
27.223.92.142:995
181.118.183.94:443
136.232.34.70:443
186.32.163.199:443
72.173.78.211:443
76.25.142.196:443
45.46.53.140:2222
98.157.235.126:443
173.21.10.71:2222
73.151.236.31:443
71.74.12.34:443
75.75.179.226:443
167.248.117.81:443
67.165.206.193:993
47.40.196.233:2222
72.252.201.69:443
181.4.53.6:465
109.12.111.14:443
24.171.50.5:443
24.139.72.117:443
24.55.112.61:443
24.229.150.54:995
77.57.204.78:443
81.250.153.227:2222
49.33.237.65:443
66.177.215.152:50010
177.170.201.134:995
75.188.35.168:443
120.151.47.189:443
173.25.162.221:443
201.6.246.227:995
66.177.215.152:443
217.17.56.163:2222
202.165.32.158:2222
39.52.229.8:995
42.60.70.14:443
73.140.38.124:443
167.248.100.227:443
63.70.164.200:443
69.30.186.190:443
189.131.221.201:443
68.204.7.158:443
181.84.114.46:443
167.248.99.149:443
177.94.21.110:995
50.54.32.149:443
189.224.181.39:443
24.119.214.7:443
63.70.164.200:995
177.94.125.59:995
82.18.173.253:2222
73.130.180.25:443
217.17.56.163:2078
162.244.227.34:443
75.66.88.33:443
206.47.134.234:2222
167.248.54.34:2222
73.77.87.137:443
181.4.53.6:443
190.198.206.189:2222
167.248.111.245:443
96.46.103.226:443
73.25.124.140:2222
24.152.219.253:995
68.186.192.69:443
162.210.220.137:443
174.54.58.170:443
103.246.130.114:1194
103.246.130.35:21
103.246.130.2:20
103.246.130.122:20
105.198.236.99:443
103.157.122.198:995
4.34.193.180:995
159.2.51.200:2222
110.174.64.179:995
187.101.25.96:32100
76.84.230.103:443
174.59.35.191:443
173.63.245.129:443
68.117.229.117:443
75.163.81.130:995
76.84.32.159:443
147.92.51.49:443
76.84.226.17:443
68.13.157.69:443
167.248.126.223:443
72.196.22.184:443
98.22.92.139:995
97.98.130.50:443
196.117.224.53:995
191.191.38.8:443
188.210.210.122:443
96.46.103.109:2222
37.117.191.19:2222
197.90.137.161:61201
24.32.174.175:443
76.84.225.21:443
78.145.153.73:995
69.30.190.105:995
167.248.81.60:443
69.80.113.148:443
217.17.56.163:443
62.23.194.38:443
62.23.194.41:995
189.210.115.207:443
174.59.226.6:443
73.130.237.36:443
69.253.197.100:443
174.59.242.9:443
-
salt
jHxastDcds)oMc=jvh7wdUhxcsdt2
Targets
-
-
Target
e2bc969424adc97345ac81194d316f58da38621aad3ca7ae27e40a8fae582987
-
Size
545KB
-
MD5
53510e20efb161d5b71c4ce2800c1a8d
-
SHA1
2268178851d0d0debb9ab457d73af8a5e50af168
-
SHA256
e2bc969424adc97345ac81194d316f58da38621aad3ca7ae27e40a8fae582987
-
SHA512
27f4f030928581d23212e18cfd0b33376677cef43ad5605e124cd80e2102cd1d559bf205ae1693e5e6567a6bd33d00d0e7209e32d503116d8b1594cb78ae69a3
-
Loads dropped DLL
-
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation