Overview

overview

10

Static

static

10

52321edc0c...eb.dll

windows7_x64

10

52321edc0c...eb.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    52321edc0c5a3fcb824d591c730e7783194ec5e1c0f617b40ffe760a876924eb

  • Size

    167KB

  • Sample

    220214-t6pvdsacf4

  • MD5

    0c9bef0496980f1304a14e3fa7737146

  • SHA1

    4a40d0bbe792271c0911c09c5cdd577d7e38a399

  • SHA256

    52321edc0c5a3fcb824d591c730e7783194ec5e1c0f617b40ffe760a876924eb

  • SHA512

    a910b0db163f6cec3914096b3b5a05503a3e92cec82fe60e900157a173bdc154c7376bb229b01612b05eb084427ea3820291d66714b00fd9bec7098972aef916

Score
10/10
qakbot1518695014bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

322.148

Campaign

1518695014

Credentials

  • Protocol:     ftp
  • Host:
    66.96.133.9
  • Port:
    21
  • Username:
    help
  • Password:
    eT5TerAcnFe6~

  • Protocol:     ftp
  • Host:
    174.123.38.58
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    4BQ1MeeRAwNZEVu

  • Protocol:     ftp
  • Host:
    61.221.12.26
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    346HZGCMlwecz9S

  • Protocol:     ftp
  • Host:
    67.222.137.18
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    p4a8k6fE1FtA3pR

  • Protocol:     ftp
  • Host:
    107.6.152.61
  • Port:
    21
  • Username:
    [email protected]
  • Password:
    RoP4Af0RKAAQ74V
C2

179.62.153.88:443

50.198.141.161:2222

69.129.91.38:443

66.189.228.49:995

96.253.104.73:443

71.183.129.113:443

125.25.130.203:995

173.175.174.154:443

162.104.186.175:995

75.109.222.140:995

68.173.55.51:443

78.175.254.43:443

106.159.251.143:995

47.143.83.172:443

71.190.202.120:443

73.136.232.174:995

96.253.104.73:995

192.158.217.32:22

65.153.16.250:993

70.95.129.59:443

Targets

    • Target

      52321edc0c5a3fcb824d591c730e7783194ec5e1c0f617b40ffe760a876924eb

    • Size

      167KB

    • MD5

      0c9bef0496980f1304a14e3fa7737146

    • SHA1

      4a40d0bbe792271c0911c09c5cdd577d7e38a399

    • SHA256

      52321edc0c5a3fcb824d591c730e7783194ec5e1c0f617b40ffe760a876924eb

    • SHA512

      a910b0db163f6cec3914096b3b5a05503a3e92cec82fe60e900157a173bdc154c7376bb229b01612b05eb084427ea3820291d66714b00fd9bec7098972aef916

    Score
    10/10
    qakbot1518695014bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks