General
-
Target
httpd.exe
-
Size
436KB
-
Sample
211118-pgz7lsfhg3
-
MD5
657cae1ba2143c9fb6933f192e2e3137
-
SHA1
0a32aa59f401796cc30cf5875628be64f2f52a44
-
SHA256
1280b164c00a2abed7d4bb1714882f99f74c52bf9338a6e74edb88a64e2b086b
-
SHA512
612811f2adc7197bf7cf7a52f94ec6ad0cadd35bd4a55587d6ebcc7b1d2e7f06495ef7b432ab03f3c3d54f338a77205d4f4145086644991958efeb03f7365d2d
Static task
static1
Behavioral task
behavioral1
Sample
httpd.exe.dll
Resource
win7-en-20211014
Malware Config
Extracted
qakbot
402.363
tr
1632817399
105.198.236.99:443
140.82.49.12:443
37.210.152.224:995
89.101.97.139:443
81.241.252.59:2078
27.223.92.142:995
81.250.153.227:2222
73.151.236.31:443
47.22.148.6:443
122.11.220.212:2222
120.151.47.189:443
199.27.127.129:443
216.201.162.158:443
136.232.34.70:443
76.25.142.196:443
181.118.183.94:443
120.150.218.241:995
185.250.148.74:443
95.77.223.148:443
75.66.88.33:443
45.46.53.140:2222
173.25.166.81:443
103.148.120.144:443
173.21.10.71:2222
186.18.205.199:995
71.74.12.34:443
67.165.206.193:993
47.40.196.233:2222
68.204.7.158:443
24.229.150.54:995
109.12.111.14:443
177.130.82.197:2222
72.252.201.69:443
24.55.112.61:443
24.139.72.117:443
187.156.138.172:443
71.80.168.245:443
105.157.55.133:995
82.77.137.101:995
173.234.155.233:443
75.188.35.168:443
5.238.149.235:61202
73.77.87.137:443
182.176.112.182:443
96.37.113.36:993
162.244.227.34:443
92.59.35.196:2222
196.218.227.241:995
68.207.102.78:443
2.188.27.77:443
189.210.115.207:443
181.163.96.53:443
75.107.26.196:465
185.250.148.74:2222
68.186.192.69:443
-
salt
jHxastDcds)oMc=jvh7wdUhxcsdt2
Targets
-
-
Target
httpd.exe
-
Size
436KB
-
MD5
657cae1ba2143c9fb6933f192e2e3137
-
SHA1
0a32aa59f401796cc30cf5875628be64f2f52a44
-
SHA256
1280b164c00a2abed7d4bb1714882f99f74c52bf9338a6e74edb88a64e2b086b
-
SHA512
612811f2adc7197bf7cf7a52f94ec6ad0cadd35bd4a55587d6ebcc7b1d2e7f06495ef7b432ab03f3c3d54f338a77205d4f4145086644991958efeb03f7365d2d
-
Loads dropped DLL
-