General

  • Target

    4054fb7357102fa5fcb52bc91a2a9863324b13af61ef2963fe0a471b565594dc

  • Size

    249KB

  • Sample

    230103-bbk9lsgg89

  • MD5

    9ad36d75200197d301f224eacc3dd943

  • SHA1

    04dfcd0cacd126595c97373959edd622257e0785

  • SHA256

    503e62505c8567bfdb66fcd1119b2a5769c3dd6b3748a3a4eb9aa9430b3a4a1c

  • SHA512

    ff6608b954759025fd09a929b283b18703344f8802df6faddd248ae7d554cbcf20923e3b577a36d6fcf7e71b986a0bc1de2fbccd57683e369ee46b09ca10448f

  • SSDEEP

    6144:NElL+v1JK2C3J+Ig9E66Qq2elk+93zTno3pMPpUegkFN3N:EmJK2ksIFOUhz0MpVFN3N

Malware Config

Extracted

Family

qakbot

Version

403.862

Botnet

BB

Campaign

1663148750

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      4054fb7357102fa5fcb52bc91a2a9863324b13af61ef2963fe0a471b565594dc

    • Size

      427KB

    • MD5

      8c01768c24f3aaaf56b77a27f6783977

    • SHA1

      8377ca384e5013177797421c9138293df1f9465d

    • SHA256

      4054fb7357102fa5fcb52bc91a2a9863324b13af61ef2963fe0a471b565594dc

    • SHA512

      846c0236118027701977e519986c53412ac95224522f8ba939142b9b938957ff19d1d37bb300a178a9d7a05f6ca0c285a7ca9c978503461523cf804767d0a192

    • SSDEEP

      6144:36N5XNlCfcqFhOdpwNzM2a3gfwp3NkOWuzv/24bktfTGoH:KrducqxNzbaP3WOWuLTCfThH
