Overview

overview

10

Static

static

defrosts.dat.dll

windows7-x64

10

defrosts.dat.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    defrosts.dat.dll

  • Size

    650KB

  • Sample

    221003-18gp5aaaal

  • MD5

    3d348e2c37855dd4a1b94eff371ab3f1

  • SHA1

    3e66fc73001380b170e658561f19441262011af6

  • SHA256

    f56d25cf9f20f2040b2ec14f769f36aa14819f56f6b254c0831c9b2a024b8c8d

  • SHA512

    8cbade23ddcbfcad5ea242e4926e194daad958b8ff61069220165a0fe4b660fc8c19ce56f39ac6bfd4defeb7525b2268665a01b5ebb8aaa2e5c31ee532b50052

  • SSDEEP

    12288:e04qh9jnmGxBGex5ikJdspJRtsdi21LcVUK:ayjn5PyVWdR1L/K

Score
10/10
qakbotbankerstealertrojan

Malware Config

Extracted

Family

qakbot

C2

70.238.223.142:65113

108.212.133.125:43749

91.204.181.165:28980

227.138.255.213:57594

252.124.102.160:59802

84.56.235.30:702

40.12.38.164:4225

163.55.16.87:6230

235.167.221.218:44172

113.34.86.36:44766

3.198.145.208:34010

194.217.45.198:36220

198.194.188.181:22851

149.133.92.184:61270

135.120.183.211:3151

45.206.222.245:43045

246.179.112.12:64397

88.106.24.76:30867

140.20.244.190:8098

218.91.78.249:2943
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      defrosts.dat.dll

    • Size

      650KB

    • MD5

      3d348e2c37855dd4a1b94eff371ab3f1

    • SHA1

      3e66fc73001380b170e658561f19441262011af6

    • SHA256

      f56d25cf9f20f2040b2ec14f769f36aa14819f56f6b254c0831c9b2a024b8c8d

    • SHA512

      8cbade23ddcbfcad5ea242e4926e194daad958b8ff61069220165a0fe4b660fc8c19ce56f39ac6bfd4defeb7525b2268665a01b5ebb8aaa2e5c31ee532b50052

    • SSDEEP

      12288:e04qh9jnmGxBGex5ikJdspJRtsdi21LcVUK:ayjn5PyVWdR1L/K

    Score
    10/10
    qakbotbankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks