Overview

overview

10

Static

static

user.dll

windows7-x64

10

user.dll

windows10-2004-x64

10

Resubmissions

27/12/2022, 14:30

221227-rt6w2aab9s 10

27/12/2022, 14:29

221227-rt3jlsfa43 10

27/12/2022, 12:27

221227-pmp9laeh37 10

27/12/2022, 12:24

221227-pk183saa9s 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    user.dat

  • Size

    2.0MB

  • Sample

    221227-pmp9laeh37

  • MD5

    37bf163c9a37e27cdbb8c5db31457063

  • SHA1

    6e5a4df996ffefd5ef01ff8a13913ec09ba404da

  • SHA256

    c08675ecfcb06a2b57b946051d3a63693e4a1de9a33cc98f0cb8a50205906edf

  • SHA512

    131dfdc3f1e648718887648690f0631bd6d77e137d2562aa47d5abec058dcde93f2c3f12bc82ca487d3d60285c126707eae414738f04e20325c599fab3ae072b

  • SSDEEP

    49152:TDG9pmVnnyKKdmwLxSMKmc2qgI9Mprlcuhz6:/VVnnP8XLQL2q1YSu

Score
10/10
qakbotbb111671561386bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

404.62

Botnet

BB11

Campaign

1671561386

C2

184.68.116.146:3389

92.189.214.236:2222

73.29.92.128:443

92.239.81.124:443

47.203.227.114:443

199.83.165.233:443

12.172.173.82:995

12.172.173.82:50001

136.244.25.165:443

37.15.128.31:2222

91.96.249.3:443

92.27.86.48:2222

75.156.125.215:995

93.147.134.85:443

86.176.246.195:2222

89.129.109.27:2222

70.55.120.16:2222

50.67.17.92:443

78.92.133.215:443

190.100.149.122:995
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      user.dat

    • Size

      2.0MB

    • MD5

      37bf163c9a37e27cdbb8c5db31457063

    • SHA1

      6e5a4df996ffefd5ef01ff8a13913ec09ba404da

    • SHA256

      c08675ecfcb06a2b57b946051d3a63693e4a1de9a33cc98f0cb8a50205906edf

    • SHA512

      131dfdc3f1e648718887648690f0631bd6d77e137d2562aa47d5abec058dcde93f2c3f12bc82ca487d3d60285c126707eae414738f04e20325c599fab3ae072b

    • SSDEEP

      49152:TDG9pmVnnyKKdmwLxSMKmc2qgI9Mprlcuhz6:/VVnnP8XLQL2q1YSu

    Score
    10/10
    qakbotbb111671561386bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks