Overview

overview

10

Static

static

10

c2ba065654...3a.dll

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c2ba065654f13612ae63bca7f972ea91c6fe97291caeaaa3a28a180fb1912b3a

  • Size

    543KB

  • Sample

    220728-sd3p4shcen

  • MD5

    ffaf9cd085434fd5230511ab895ba494

  • SHA1

    9e49d29d66d380255e5e8e2ccf19f5b51eb92001

  • SHA256

    c2ba065654f13612ae63bca7f972ea91c6fe97291caeaaa3a28a180fb1912b3a

  • SHA512

    01890758e839b3eb90dc3711dd470ba1e232798ed0f62d89185e450877161fd321b5b125ab0a64f270c2f37ef129f59eb5848164d26fb4965534d77a0d4f2300

Score
10/10
qakbotaa1649660679bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

403.573

Botnet

AA

Campaign

1649660679

C2

41.228.22.180:443

47.23.89.62:995

176.67.56.94:443

103.107.113.120:443

148.64.96.100:443

47.180.172.159:443

181.118.183.98:443

140.82.49.12:443

103.87.95.133:2222

96.21.251.127:2222

197.167.62.14:993

46.107.48.202:443

24.43.99.75:443

172.115.177.204:2222

80.11.74.81:2222

66.98.42.102:443

75.99.168.194:61201

173.174.216.62:443

45.9.20.200:443

39.41.158.185:995
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      c2ba065654f13612ae63bca7f972ea91c6fe97291caeaaa3a28a180fb1912b3a

    • Size

      543KB

    • MD5

      ffaf9cd085434fd5230511ab895ba494

    • SHA1

      9e49d29d66d380255e5e8e2ccf19f5b51eb92001

    • SHA256

      c2ba065654f13612ae63bca7f972ea91c6fe97291caeaaa3a28a180fb1912b3a

    • SHA512

      01890758e839b3eb90dc3711dd470ba1e232798ed0f62d89185e450877161fd321b5b125ab0a64f270c2f37ef129f59eb5848164d26fb4965534d77a0d4f2300

    Score
    10/10
    qakbotaa1649660679bankerstealertrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks