General
Target: 186b5f0acbf214a1f442530198f213e675de3cd908b33501b646a5f8494d1ecc
Size: 825KB
Sample: 211214-r36bvsghbq
MD5: 3142cbf3b97b301f787b5dfdde5e4b62
SHA1: d5c85a79f8afbaf828538e1544abcdf254cb2c6a
SHA256: 186b5f0acbf214a1f442530198f213e675de3cd908b33501b646a5f8494d1ecc
SHA512: 1b0c8ec21f42b5ca2cb7ab3a3b66c139c0a807c4cf399f4649f21f27913f351c04cb4676b37d7de5fe93bbca02119103d4b510ef6cfd819492292af4db5da0d7
Static task: static1
Behavioral task: behavioral1
Sample: 186b5f0acbf214a1f442530198f213e675de3cd908b33501b646a5f8494d1ecc.dll
Resource: win7-en-20211208
Malware Config
Extracted
qakbot
403.10
cullinan
1639333530
salt
jHxastDcds)oMc=jvh7wdUhxcsdt2
Targets
Target
186b5f0acbf214a1f442530198f213e675de3cd908b33501b646a5f8494d1ecc
Loads dropped DLL