Overview: 10
Static
LearnS.lnk (windows7-x64): 3
LearnS.lnk (windows10-2004-x64): 3
assaulting...ded.js (windows7-x64): 3
assaulting...ded.js (windows10-2004-x64): 1
assaulting/milt.dll (windows7-x64): 10
assaulting/milt.dll (windows10-2004-x64): 10
assaulting...ly.cmd (windows7-x64): 1
assaulting...ly.cmd (windows10-2004-x64): 1
General
-
Target
Learn#4680.iso
-
Size
686KB
-
Sample
221001-cd4peagcfn
-
MD5
552c3ee513509efb205ffaa2ee57b5e0
-
SHA1
6bb645dd2b07e9df32426f256cd56250d6b1b98e
-
SHA256
d2b4f004d88fa1aa8e075ceeb4dc785fcbfb16d5297c7a2e5d36d653fe77d853
-
SHA512
5de31ceb9a790a24f96307474d918873a3c3d0b13136371dd8b803a8d16c294b2dc6b59865d080a635694ec65e1baadb631e70d1d6c338e57a76c69bd7e6c249
-
SSDEEP
12288:Mzxl3goMdrbdJ6wQ8faVO099oBZfZvgWr6:M6Tdf6aAHeZfZv
Static task: static1
Behavioral task behavioral1: Sample LearnS.lnk, Resource win7-20220812-en
Behavioral task behavioral2: Sample LearnS.lnk, Resource win10v2004-20220812-en
Behavioral task behavioral3: Sample assaulting/baronessSubsided.js, Resource win7-20220901-en
Behavioral task behavioral4: Sample assaulting/baronessSubsided.js, Resource win10v2004-20220812-en
Behavioral task behavioral5: Sample assaulting/milt.dll, Resource win7-20220812-en
Behavioral task behavioral6: Sample assaulting/milt.dll, Resource win10v2004-20220812-en
Behavioral task behavioral7: Sample assaulting/testifiersEquivalently.cmd, Resource win7-20220901-en
Behavioral task behavioral8: Sample assaulting/testifiersEquivalently.cmd, Resource win10v2004-20220812-en
Malware Config
Extracted
qakbot
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
LearnS.lnk
-
Size
1KB
-
MD5
940349f802740d4f3be6d156f83b9bb4
-
SHA1
48c5333b1dd31dbe910dbd15b1db0ad0ea0936ae
-
SHA256
f910eea03fb6649f038e58932c5636ca80a7fba678a16f0793dbae7e407680b9
-
SHA512
aca2cbd5f4fc21a47cf31696e4093458a82401a3ec3cc82fa901de29cef1292765c68eeff099243e83ff249ce97c6eed067b956d9d4c8b4b16d5425cf5108a51
Score
3/10
-
-
Target
assaulting/baronessSubsided.js
-
Size
236B
-
MD5
773ef81ef7aeb4e37a6c0a58b212a24e
-
SHA1
106508be9c6961046c79400f32bfc66f3e9145f4
-
SHA256
8daad84fa544d5a57402c76d492b7d2eb0e4299e7337ef6d0c9b07024b4e9e0c
-
SHA512
eecd321e0baaa02718df0c748352813c4230f6805c95c5f67216a3de5e8032463e68fdb1dd8d5d9098535181c8619ca44246a0ed9bdba31e6c237e6c74182cb7
Score
3/10
-
-
Target
assaulting/milt.dat
-
Size
448KB
-
MD5
24c89f5383c6dca654f27383b1ec00a3
-
SHA1
7766a0a045e56fe16fb5b9e0c5d7c1d047eb36c6
-
SHA256
bb2540e27de2b8d3d154fee3efa8e2cbefdf25e5a1d76b4cedf49ac3917a1471
-
SHA512
58bffa71d6be31e136c220828ba0565a7e9231e363804beefc66f47653cf80af94bcc5c221444e6f7f1707dbe915279d67c77592ccedc2d5f09b29bc62f39eb3
-
SSDEEP
6144:NWlZhgoMdtBYTNSlWBsAOvbd62IYQ8jjHH62uzdMzD9699o9:cl3goMdrbdJ6wQ8faVO099o
-
-
-
Target
assaulting/testifiersEquivalently.cmd
-
Size
104B
-
MD5
8006296cc4bf5b5e5f9e3aa63b2f164e
-
SHA1
a2c7125717b8325ba5dcd2418a1bcd850eae7a13
-
SHA256
21b14d6ccbee2cd651c765ed86cb35a69a77643cd30d6f1abcae2e7d2f3ae59c
-
SHA512
48f768d85d8609110a0691d4364b8036ce7e54862d0289801dc86ec0e0c36adc1892d9ece7a7f242742107ee56c9249bdd5a1c3f337173c6b95a8e4e8ff0a875
Score
1/10