General

  • Target

    01041fa0a379a83349c9f3cecf4ef3b493ba63b0cbcda769bbb227d1dbf3d4e7

  • Size

    249KB

  • Sample

    221224-wvdzvsde8y

  • MD5

    83a1513a5fe06a0b9ea8eb0f28b37fe2

  • SHA1

    2bdcb9639e316a05c65bd7481303f53e0beee21f

  • SHA256

    9526c485edc26385ae02d62942d62c71489523a3b08f5b049dcd50900b11e3c3

  • SHA512

    dd41207f5e2e13f760142167b4524870e41b7b4f043f317197dca1da072413f8b1da1061cdccebbe97a5d6c06010a020a2256470bed9a52d3adf6ebe29c2fa86

  • SSDEEP

    6144:4ElL+v1JK2C3J+Ig9E66Qq2elk+93zTno3pMPpUegkFNix:jmJK2ksIFOUhz0MpVFNix

Malware Config

Extracted

Family

qakbot

Version

403.862

Botnet

BB

Campaign

1663148750

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      01041fa0a379a83349c9f3cecf4ef3b493ba63b0cbcda769bbb227d1dbf3d4e7

    • Size

      424KB

    • MD5

      1e35c1cc2abdd8c1c2d60b46438ddce5

    • SHA1

      ee781e1df2cefa7a0f93b06673812392389a24a4

    • SHA256

      01041fa0a379a83349c9f3cecf4ef3b493ba63b0cbcda769bbb227d1dbf3d4e7

    • SHA512

      7642ca89b555b5ba86db274c81589e68e908cd4f1f5f93650caeb6d53f4693290a229a05a68427a6aa6128475604fb3593a56c370a62172a3f4e22ca679acf06

    • SSDEEP

      6144:36N5XNlCfcqFhOdpwNzM2a3gfwp3NkOWuzv/24bktfTGoH:KrducqxNzbaP3WOWuLTCfThH
