General

  • Target

    d4ab52a776afb0114dc478be94c7f85ba342a3634884c7d8c71081d11d3a70b0

  • Size

    512KB

  • Sample

    211219-jvz6waghcl

  • MD5

    1a0c333053b2e8ee809e48ed8ff67be3

  • SHA1

    a547b3002ce848d130af2129843c29c9585fc0f8

  • SHA256

    d4ab52a776afb0114dc478be94c7f85ba342a3634884c7d8c71081d11d3a70b0

  • SHA512

    618c0398edda1cdaa87de6a915412ddb7c260532de1ccf6ff34b0b4f95c57b7b925e894c4c8e44ed1851df7343a0bf6bbd47aa73a8248a681abb1e05c2effddd

Malware Config

Extracted

Family

qakbot

Version

403.10

Botnet

cullinan

Campaign

1639742517

C2

50.238.6.36:443

92.167.4.71:2222

89.137.52.44:443

105.198.236.99:995

117.248.109.38:21

106.51.48.170:50001

120.150.218.241:995

190.73.3.148:2222

182.56.53.180:443

186.64.87.213:443

103.142.10.177:443

65.100.174.110:443

96.21.251.127:2222

24.95.61.62:443

194.36.28.26:443

182.191.92.203:995

41.228.22.180:443

63.143.92.99:995

41.200.112.42:443

103.143.8.71:995

Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      d4ab52a776afb0114dc478be94c7f85ba342a3634884c7d8c71081d11d3a70b0

    • Size

      512KB

    • MD5

      1a0c333053b2e8ee809e48ed8ff67be3

    • SHA1

      a547b3002ce848d130af2129843c29c9585fc0f8

    • SHA256

      d4ab52a776afb0114dc478be94c7f85ba342a3634884c7d8c71081d11d3a70b0

    • SHA512

      618c0398edda1cdaa87de6a915412ddb7c260532de1ccf6ff34b0b4f95c57b7b925e894c4c8e44ed1851df7343a0bf6bbd47aa73a8248a681abb1e05c2effddd

MITRE ATT&CK Enterprise v6

Tasks