Overview

overview

10

Static

static

9

75fe69b315...01.dll

windows7_x64

10

75fe69b315...01.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    75fe69b3150f41b953bab2d227ac2c06a056d333be859ae28908280075eedb01

  • Size

    2.1MB

  • Sample

    220309-sxz4bshhh9

  • MD5

    ff00de713a07cff7c785fef8139033cc

  • SHA1

    50badd84c1d45d73adf41515240b7e4fa0cb956e

  • SHA256

    75fe69b3150f41b953bab2d227ac2c06a056d333be859ae28908280075eedb01

  • SHA512

    c129831ab8fa475743ca893d72ae734b527dba95d800e92551c2c1a68c6025b739d5d263f7a3fcb2187003adb05adc7d48fcd4ffc60417c5869bf0d046eb6ac1

Score
10/10
qakbotnotset1607006214bankercryptonepackerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

401.62

Botnet

notset

Campaign

1607006214

C2

96.227.127.13:443

174.20.161.243:995

83.196.50.197:2222

116.240.78.45:995

80.11.5.65:2222

181.169.88.203:443

72.252.201.69:443

94.69.242.254:2222

187.213.136.249:995

96.27.47.70:2222

78.181.19.134:443

71.182.142.63:443

178.222.114.132:995

68.134.181.98:443

172.87.134.226:443

217.133.54.140:32100

151.56.214.79:443

72.240.200.181:2222

41.233.153.21:993

87.27.110.90:2222
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      75fe69b3150f41b953bab2d227ac2c06a056d333be859ae28908280075eedb01

    • Size

      2.1MB

    • MD5

      ff00de713a07cff7c785fef8139033cc

    • SHA1

      50badd84c1d45d73adf41515240b7e4fa0cb956e

    • SHA256

      75fe69b3150f41b953bab2d227ac2c06a056d333be859ae28908280075eedb01

    • SHA512

      c129831ab8fa475743ca893d72ae734b527dba95d800e92551c2c1a68c6025b739d5d263f7a3fcb2187003adb05adc7d48fcd4ffc60417c5869bf0d046eb6ac1

    Score
    10/10
    qakbotnotset1607006214bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks