Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    contaminative.dat.dll

  • Size

    1.6MB

  • Sample

    221031-v3pwnabeh6

  • MD5

    7e7bdad13f25974c9bd07b0591d2773e

  • SHA1

    fd0d969841ec7654b1b969d8c296031c3575d63c

  • SHA256

    e9e65452644cf71bddbd3a324c171117c3df219a642bca6083ee6796dc5365c2

  • SHA512

    a7f3e3e0c8c3d07993694a30e7853d81ae97417d17ec93287cd9a5da30a305dbfad5a79b5431d599581ba05aa8d0b0b58dea88a61b20031294aaa32ee9038a82

  • SSDEEP

    24576:hdOBKJGDcYOGm+FpvC04Rl3ZC499TlgxE29S3GrOk8YdSkQh:hs9dm+n60YZCZY3+R8Ydkh

Malware Config

Extracted

Family

qakbot

Version

404.14

Botnet

BB05

Campaign

1667208557

C2

174.77.209.5:443

187.0.1.74:23795

24.206.27.39:443

1.156.220.169:30723

156.216.39.119:995

58.186.75.42:443

1.156.197.160:30467

187.1.1.190:4844

186.18.210.16:443

1.181.56.171:771

90.165.109.4:2222

187.0.1.186:39742

87.57.13.215:443

187.0.1.207:52344

227.26.3.227:1

98.207.190.55:443

187.0.1.197:7017

188.49.56.189:443

102.156.160.115:443

187.0.1.24:17751

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      contaminative.dat.dll

    • Size

      1.6MB

    • MD5

      7e7bdad13f25974c9bd07b0591d2773e

    • SHA1

      fd0d969841ec7654b1b969d8c296031c3575d63c

    • SHA256

      e9e65452644cf71bddbd3a324c171117c3df219a642bca6083ee6796dc5365c2

    • SHA512

      a7f3e3e0c8c3d07993694a30e7853d81ae97417d17ec93287cd9a5da30a305dbfad5a79b5431d599581ba05aa8d0b0b58dea88a61b20031294aaa32ee9038a82

    • SSDEEP

      24576:hdOBKJGDcYOGm+FpvC04Rl3ZC499TlgxE29S3GrOk8YdSkQh:hs9dm+n60YZCZY3+R8Ydkh

MITRE ATT&CK Matrix

Tasks