General

  • Target

    5dae629d2c513da0f7e7091e8f891844c87ba50f61085364ca99092b27756db8

  • Size

    250KB

  • Sample

    221226-xghxbsde25

  • MD5

    71f608f92bc47086a104c8c0c936de46

  • SHA1

    3b66e3b84613ebb9b9433aaf58f1b5322e25ab1e

  • SHA256

    e412d25fda431afe8b1a272a3a8496f777d4c594c7f3c9f65b8b92e9e055dffe

  • SHA512

    80e7a3c0ed861e36584f30f3b2d95de6b1decc255932dff8c7c0ed2c460cac740c70a5ea3ff9281038c178561833460e854ab189e974517b036c85a4c3df5459

  • SSDEEP

    6144:SElL+v1JK2C3J+Ig9E66Qq2elk+93zTno3pMPpUegkFNipq:ZmJK2ksIFOUhz0MpVFNyq

Malware Config

Extracted

Family

qakbot

Version

403.862

Botnet

BB

Campaign

1663148750

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      5dae629d2c513da0f7e7091e8f891844c87ba50f61085364ca99092b27756db8

    • Size

      437KB

    • MD5

      f3a42966bd9a1fd3e7e46f5917bcd04c

    • SHA1

      1c300c18a182d756472e8a4899e529412bc1ce8e

    • SHA256

      5dae629d2c513da0f7e7091e8f891844c87ba50f61085364ca99092b27756db8

    • SHA512

      44a800fae3232b5ef41f4dc2c9e653ae86c2eef56114e2eb7f0dd0af7f5797291ece2d99a5a65a5c0de13cbe80848aa176691c2dce342b76d6c04aae45c02438

    • SSDEEP

      6144:36N5XNlCfcqFhOdpwNzM2a3gfwp3NkOWuzv/24bktfTGoH:KrducqxNzbaP3WOWuLTCfThH
