Overview

overview

10

Static

static

59b2681c22...02.dll

windows7_x64

10

59b2681c22...02.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5312112483794944.zip

  • Size

    494KB

  • Sample

    220315-la5a7sbcgr

  • MD5

    2022836f537e5b83ebf632bed21d85a7

  • SHA1

    6306303161e3377df1f1b352a7d40c10274e6df4

  • SHA256

    bbdb7f0d7200bef9f5442a37937ae9bea15f2d260e698a89acba3c0a07a09049

  • SHA512

    3b90bb088900487ab2fb3ad9787586d0f5f207f0f29fc8728ccc639ca5e9e97dab82b423126645eb8a6ab4df8f2604ef7fe1031d7ec3171748163621be46fb7b

Score
10/10
qakbotobama101615286191bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

401.138

Botnet

obama10

Campaign

1615286191

C2

76.94.200.148:995

140.82.49.12:443

24.95.61.62:443

195.43.173.70:443

197.45.110.165:995

87.202.87.210:2222

79.115.174.55:443

196.151.252.84:443

45.118.216.157:443

77.211.30.202:995

89.3.198.238:443

47.196.192.184:443

86.175.79.249:443

80.227.5.69:443

70.168.130.172:995

83.110.108.38:2222

71.117.132.169:443

184.189.122.72:443

47.22.148.6:443

84.72.35.226:443
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      59b2681c22d5085f963a4b6ff54e8831e1fc7da9f6ca48f1f964e6148d86b002

    • Size

      786KB

    • MD5

      c26d4d7e565653fb5a4fb38f02581e4c

    • SHA1

      ceec59fd5f661197c823255f3b2f69cb9192c1db

    • SHA256

      59b2681c22d5085f963a4b6ff54e8831e1fc7da9f6ca48f1f964e6148d86b002

    • SHA512

      bbf63385c7b8c9380c22ad5e2f985b0c3d14cc732d457dab4abaa0cbff790831bf6162712d5dcd378236e4ce79fdb03766911a1bed5fe5291fe6a22d0f6bfcba

    Score
    10/10
    qakbotobama101615286191bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks