Overview

overview

10

Static

static

3

CT.pdf

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CT.pdf

  • Size

    123KB

  • Sample

    221220-nnvp2ahd54

  • MD5

    a49a3f7fd16f27c1d40759e616d07481

  • SHA1

    383b74f20e973f273bc780fc0ca7399ed839f309

  • SHA256

    5e4ba7bc500b5db20d4dcb512c5c617ee36cc5ae8de3315a122a63625609bd43

  • SHA512

    0853ddef2d474d26697a1f9592350d5006dd0017d4aecf081529e28896bd2025c4e7c1e614e02b4d6ee539466de8b99aa7840cae0ece4bff2251ccc05850546b

  • SSDEEP

    3072:xSmlVKvYAYfR6PHFkOvzke5TzxRhLmmpC9yzlvN:s8KvYAYfRiHFk4zZRzxRhLmK227

Score
10/10
qakbotbb111671442875bankerlinkpdfstealertrojan

Malware Config

Extracted

Family

qakbot

Version

404.46

Botnet

BB11

Campaign

1671442875

C2

24.71.120.191:443

121.121.100.148:995

172.90.139.138:2222

70.55.120.16:2222

75.99.125.234:2222

172.248.42.122:443

37.14.229.220:2222

83.7.52.202:443

85.241.180.94:443

90.206.194.248:443

31.53.29.141:2222

72.80.7.6:50003

74.92.243.113:50000

90.48.151.17:2222

176.142.207.63:443

178.153.5.54:443

74.66.134.24:443

46.162.109.183:443

12.172.173.82:993

64.237.240.3:443
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      CT.pdf

    • Size

      123KB

    • MD5

      a49a3f7fd16f27c1d40759e616d07481

    • SHA1

      383b74f20e973f273bc780fc0ca7399ed839f309

    • SHA256

      5e4ba7bc500b5db20d4dcb512c5c617ee36cc5ae8de3315a122a63625609bd43

    • SHA512

      0853ddef2d474d26697a1f9592350d5006dd0017d4aecf081529e28896bd2025c4e7c1e614e02b4d6ee539466de8b99aa7840cae0ece4bff2251ccc05850546b

    • SSDEEP

      3072:xSmlVKvYAYfR6PHFkOvzke5TzxRhLmmpC9yzlvN:s8KvYAYfRiHFk4zZRzxRhLmK227

    Score
    10/10
    qakbotbb111671442875bankerstealertrojan
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks