Resubmissions

09-12-2022 21:31

221209-1djk8shc4x 10

02-12-2022 16:25

221202-txan4she2y 10

General

  • Target

    12099 Dec 01.vhd

  • Size

    80MB

  • Sample

    221202-txan4she2y

  • MD5

    c801fef5cc4eab7c14fbe84be95b6e86

  • SHA1

    73c8d05661752bf32b67a48c98759053fe7b2d07

  • SHA256

    c4820e71333cd9030cf7ff75f81b1c60204e8b8eec4a13925cc1088e72ec9f9d

  • SHA512

    c4f81855e91b317734ae762c872c66f7276fa58c10c072cc909444f8adea4f79820c6fb4b79e56ef34daa877c002c4e04ec739d70e95dd780531fb7eb5142979

  • SSDEEP

    12288:HSUUEfo5I6/o2qgkpUdi9Msme0CWUdOWk4F:HSTiWDvL6Rme0C0Wk4

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

obama224

Campaign

1669794048

C2

75.161.233.194:995

216.82.134.218:443

174.104.184.149:443

173.18.126.3:443

87.202.101.164:50000

172.90.139.138:2222

184.153.132.82:443

185.135.120.81:443

24.228.132.224:2222

87.223.84.190:443

178.153.195.40:443

24.64.114.59:2222

77.126.81.208:443

75.99.125.235:2222

173.239.94.212:443

98.145.23.67:443

109.177.245.176:2222

72.200.109.104:443

12.172.173.82:993

82.11.242.219:443

Attributes
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      12099 Dec 01.lnk

    • Size

      953B

    • MD5

      b71c5c29e3aa07a3051464f4ca39c72c

    • SHA1

      b37b40da060932ab2986ccb1546bf2d3c4890cf3

    • SHA256

      e8eea57788633710619a24bd72f7f99fbdfbb5efb46dbb21d746235f453f0ea5

    • SHA512

      6e806c26caa1868ca8a8214984bf67fdacfda078ca3a153cd09a9e30f980ef5e46aad797e009d2202d9a4b08661cb999f6b489c8e5e5b2650997e40600693f7c

    • Target

      161.dll

    • Size

      600KB

    • MD5

      7e0d3db8bc82120bb2e3fd6331e2316e

    • SHA1

      4be555dad631c9806ef12d450c14e2d68c24ea66

    • SHA256

      5774320ea6f7dfcf17b439739960f4bae5c852b8b30396934c75cf64a556312a

    • SHA512

      ec0a62863a68b86f6c577c91bbb1793d3dd9d5bae1531077e5e4b3a72c2d948b4dc9f92242132e29c98bf19858ca886806891dffd1294b5a8e32e760bd046df8

    • SSDEEP

      12288:QSUUEfo5I6/o2qgkpUdi9Msme0CWUdOWk4F:QSTiWDvL6Rme0C0Wk4

    Score
    1/10

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

          Execution

            Exfiltration

              Impact

                Initial Access

                  Lateral Movement

                    Persistence

                      Privilege Escalation

                        Tasks