
General

  • Target: SS7470.iso
  • Size: 880KB
  • Sample: 221104-ge3kyseaak
  • MD5: 40ecb42ffdad08150d1c7ae9ef5fcd09
  • SHA1: 4efd21a5d51792cb761bf9150facb667961c01f3
  • SHA256: a06c213833ae57fff7d9c67495e6430f6a9f89f5950b2806da8df0753a0e20e4
  • SHA512: 91af155a8f3f57d86b40fef48a215c39dbd0d775644f90359efbddc2bc355482d77725bff0e0c5c5905e2e6defa8d39c18d22674ba28266ee5734c86e113f591
  • SSDEEP: 24576:x0TAHDiTF6jT5GKg3J8MwYum7p8NCuPvU6P:x00HeUWxwI7sCuPHP

Malware Config

Extracted

  • Family: qakbot
  • Version: 404.20
  • Botnet: BB05
  • Campaign: 1667470599

C2


Attributes

  • salt: SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target: SS.lnk
    • Size: 1KB
    • MD5: 5b1c4e4935fd5b0778f314fb37d36ea0
    • SHA1: 0a7c2c474d8c178a4188ae185ae3ad611bef792a
    • SHA256: 7fdc7b226e9e304b955c4707e7adfe053997494e62eff72802b87dace00f50bc
    • SHA512: aa5c0ec8007eb75b10c001c5d63ddbe356ddab69c2135dd1a2a42541a0afbdb88af5a0ddfe18fe9591d5dbede663abc52608c60c523768d8de8ec540cb75fb7c

    Score: 3/10

    • Target: pressurization/interceptor.cmd
    • Size: 249B
    • MD5: 221f639bf156503df810cdd2a0f9ce7a
    • SHA1: 3bcf125292e4cb291bee30aff997fb5845e610f0
    • SHA256: f7682618aeb86bea1438a62d1676b864395c088c1c5eaa9a288685ce8cebc8fc
    • SHA512: 4a8ee0c8dec0d77abdad253aee54f4a7e9cd1658e1488a994ba1059df0a335bede38d3f31a6291089337b795310caaf07132c71d6bc39fd53327233cedfe0270

    Score: 1/10

    • Target: pressurization/roughness.bat
    • Size: 211B
    • MD5: 6c94bd3451e8a471350bdf6505adad8b
    • SHA1: 381fd2681ab7d8bef1776b01ddfad9b83de62b82
    • SHA256: f8d76e0c351df79606ad6f232ca045fc98a54d32155fd75b71107b0b04677c68
    • SHA512: c0f67bcf43e83ab13c7e4830b28097e08bad98ab02eeebb5c1539c0ebc0dae80c534199d0165e9a8e2d604fd4dac5cbc0ee9ccb6384b242faeb8dc6953665181

    Score: 1/10

    • Target: pressurization/tricky.dat
    • Size: 755KB
    • MD5: 243c552f305d208b8f5f231e7f3a7f83
    • SHA1: 6b9778430ef2563ddb9198ec2b38822aec518f77
    • SHA256: 3905804a6dba4a25bcc469bbd18dee15e6731cbf47c233997b1829f8dac36276
    • SHA512: b4edac5aaa0c4a15acc1c091eedcac595d93b68cd6a98e03aad00ee36b0ac10eecb6fe7a9ad626ae7363446629053a76a160ff7cade11c695174dd085da7663d
    • SSDEEP: 12288:FN53TigGAAaYOjrtguXsmPKtbKgvAAfRcJtjm/1kfYuqd7pJeG5mCuq6vU6Pm:FHDiTF6jT5GKg3J8MwYum7p8NCuPvU6e

MITRE ATT&CK Enterprise v6

Tasks