General
-
Target
Overdue_1833.iso
-
Size
446KB
-
Sample
221006-tkmg5shha7
-
MD5
ee274056a1eba6da6e98d934988a8e25
-
SHA1
89631607e492e68ccc3b227e9dfe1b70e7fff994
-
SHA256
c1efca753dedafb2fa206085cc45583e9af9e233a3248e958a5e1ece7982837f
-
SHA512
364e170de7d186285e1c18e99860cc94788a5a7b81a27aec68392a2656839b701fcc6929b4a655c0c578cc3e89869d39f4d9671d5bd2b28e7f00074970372870
-
SSDEEP
6144:0tgTFlqteWTBa5WsoUReNsyLK9+8WqniKS9jyA9yjHHXsBcfmL/p+LIORL6qYFYM:y8z4TU5WsoURzN9ftniPHlQEFYM
Static task
static1
Behavioral task
behavioral1
Sample
6438/1722.cmd
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
6438/1722.cmd
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
6438/fearfully.dll
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
6438/fearfully.dll
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
Overdue.lnk
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
Overdue.lnk
Resource
win10v2004-20220901-en
Malware Config
Extracted
qakbot
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
6438/1722.cmd
-
Size
259B
-
MD5
3c3c6861a7b06edf3d7ab40e6a239eb7
-
SHA1
f9b416533bcabd4096ab3cd1b138194b0d7bb47f
-
SHA256
4ce57b83a2c32680ec5c45efc486e38e6985cdcea78593882ce041940014dbfa
-
SHA512
9830d3370d412d714e395c02b56dd887d162611be83f8aa75db84ee480b5b09d634db24d71a165bdcd346fe7481cf5249dd17ea8ab1c9aa50689f49709616923
Score 8/10
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
6438/fearfully.dat
-
Size
386KB
-
MD5
b5cd890b8ba5f31c3f7e457f40f5d728
-
SHA1
18c143ba12246321416b77e67afac04825fca12f
-
SHA256
051eda78705b38dc1577ef8ea4e972990d32ca7b39b4981127b2e4221d110f2a
-
SHA512
47774e8bd59ccce5e9a1e4e52d0b19b0561ac06a800e06f1d0e8121d06de6cf74496a188ec8737b18456d57cbe1ac9f2571c63085754dccbe93cb23d56a4fe79
-
SSDEEP
6144:XtgTFlqteWTBa5WsoUReNsyLK9+8WqniKS9jyA9yjHHXsBcfmL/p+LIORL6qYFYM:d8z4TU5WsoURzN9ftniPHlQEFYM
-
-
-
Target
Overdue.lnk
-
Size
1KB
-
MD5
dfa86146631771fbd7e584549c66d129
-
SHA1
854a8b619e52a7f54d86a1f21a58b0bbbea420da
-
SHA256
5f0e2ea9dd2937edc742420b739775bae7d89bac5f208eefbea44200ce2698ca
-
SHA512
aaa6e434cb8cafbb4c397745bf164fa0201922e582bb1c281165c4a210f96d470c5837ba9cef815ae06081a5038699abe59e70cf3fbd9fb7ce8549329f526530
Score 3/10