Resubmissions

04-11-2022 15:53

221104-tby5ksgeg4 10

04-11-2022 15:29

221104-swwphsgdc4 3

04-11-2022 14:47

221104-r52rfsgbc2 10

General

  • Target

    D6.zip

  • Size

    438KB

  • Sample

    221104-tby5ksgeg4

  • MD5

    8ba3564843f1ad7f3b3a9740076d7306

  • SHA1

    540d05eb64cb8507c9d654342d10f7dafca63128

  • SHA256

    ba7dcbf926cdfa0bb93992ac5a03d178c41ed9532f3b16f6e6534e02a8d247a2

  • SHA512

    3de27541f416376843c46f4c85787481711060ec7d1c574ce3c3b79e8c7f36823415e24ec895d7ceaa1748b14b2f6067dc56cc11ff20366b9f8c166ac956cb8d

  • SSDEEP

    6144:chITo+0nZF+V/VaIS2MRaCQ4EPQEqpjBK3Vk7nljfbV7jZkLElZC6MGWlqrJNe8:g+0S/AXxsQrq3VinlNlZfPS4j

Malware Config

Extracted

Family

qakbot

Version

404.20

Botnet

BB05

Campaign

1667470599

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      SS.lnk

    • Size

      1KB

    • MD5

      6be437c70c2ddced62b523f7dc8c4ff6

    • SHA1

      edde62ddbc8199b01ef1312b627c269857d3f328

    • SHA256

      204339e1c32768cd21548e785433ee3e94d7de6d243c4bc1b8b388815d94d28c

    • SHA512

      2f300496abf6b5bf32a462f7182bb251ddb3256b3403230b37a8198a7ffc158141a307810f9641fc78998f1460669ae803df4cab39c5052d24f66820175ef89d

    • Score

      3/10

    • Target

      pressurization/dissecting.bat

    • Size

      228B

    • MD5

      e4abed567a6ebb24750efd8e8572e648

    • SHA1

      c8d94bb9033208537398051551fb5d85ea2fe509

    • SHA256

      07b41a33bef6dc946380246890d68ba54a2861b173c5250631dc65cf27468e5e

    • SHA512

      819e361f5b3164d36b73a10505f25331e5f8ff92d747ef8c1eb0367e93199e5ba7644fe2f4de68dff66d1f4399caaa9a8b49eb8656fab6033fe3ce4a3eb8bcb6

    • Score

      1/10

    • Target

      pressurization/exasperater.cmd

    • Size

      259B

    • MD5

      f14cbf707cd69cbfe61dedc40595cb11

    • SHA1

      abe513e9d35f3797b220f191a2717808758061a1

    • SHA256

      4e078b7dd845b58b09566cce89cce3eb8d0ef576c042574702e3ede24881e308

    • SHA512

      ebd77054c56ea608c9d940dc60bfdf193110b5dfa457c933c4d609d37d3c2908bbffed7807406ce913e93c32017131431987f9a5eb728be68dc76b32de203169

    • Score

      1/10

    • Target

      pressurization/lineal.dat

    • Size

      755KB

    • MD5

      1ebd27618b41e501d574a5e2036131e4

    • SHA1

      f0fbf97f3b1737d62255c57640262748ac0293bc

    • SHA256

      d24ba82ea5c24288f1ad640198eaa19e513e4bfa17145c406e0cd3f10069b4e5

    • SHA512

      36706d91787bbbf78802450a3f574209dbae6c08b81d322f08fce688a9376471de4a526c7c9a0f496b9322a6e73e4069eb23acd87759087d5b2b2fd4e547c09f

    • SSDEEP

      12288:FN53TigGAAaYOjrtguXsmPKtbKgvAAfRcJtjm/1kJYuqd7pJeG5mCuq6vU6Pm:FHDiTF6jT5GKg3J8M2Yum7p8NCuPvU6e
