Resubmissions

12/01/2023, 02:55

230112-dem9gsfa37 10

11/01/2023, 22:14

230111-155yjsee66 10

11/01/2023, 21:36

230111-1f89nsee25 10

General

  • Target

    ybquksz.dll

  • Size

    787KB

  • Sample

    230111-155yjsee66

  • MD5

    f85b7c141005016107d05ee6cb4aa59d

  • SHA1

    4ae0130c517190a17a40d08da69e5645b6bbacd6

  • SHA256

    10a74012796e11513c09c081a028e95f22af26771f19b5d09480d1c892e6d2f2

  • SHA512

    867eb566db73e1ab25135af5ba22132f1a4200766a110562a42dc1db74650f8714d424b3c9e7101587cfb76506a5c8fe9ec76152610c2d0a09a48ccf837e4c87

  • SSDEEP

    12288:ErTtn5Aa6oQueSgqO46Xq+D0XdSwkcVs8OGSRrzw:+x5Cx4737tL3p5SRrzw

Malware Config

Extracted

Family

qakbot

Version

404.62

Botnet

notset

Campaign

1671893271

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP
