General
-
Target
8735326250.zip
-
Size
310KB
-
Sample
230112-nvanfafg97
-
MD5
9d503876fa3d0fccf62e8ba1d9b0b21f
-
SHA1
55a90824714ad9eee6f9f3a412c8f85631d47269
-
SHA256
e59317eb43837d2afce0ddf08b769f276ca4ed75911a672e8fa396c17ab72942
-
SHA512
00093382fc184f1c2590c0d033edfde74f729a72b47a94fd9a06b4bbfcf843d1577c4361985c2396ec1b124d3a9056ddd2d9a3b5f971bfc901f44185b7868396
-
SSDEEP
6144:werLGORxw+cJ0v9ffHmWJWHAfBY7lL7hkeqH4PoHYQMsfjhdDAC+3C:jfhxw6RfHmWJ5BYNFkeU4Zs7AXC
Static task
static1
Behavioral task
behavioral1
Sample
933005e9963a92ce6492214be5c8d9711d8d231c75424fcbba9678f686626b74.dll
Resource
win7-20221111-en
Malware Config
Extracted
qakbot
403.1051
obama215
1666597712
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
933005e9963a92ce6492214be5c8d9711d8d231c75424fcbba9678f686626b74
-
Size
537KB
-
MD5
de181fce4f02e3f9c00f48ff9efe9f8a
-
SHA1
418c637aee862071ac875e6ec9fff3c8f5816c76
-
SHA256
933005e9963a92ce6492214be5c8d9711d8d231c75424fcbba9678f686626b74
-
SHA512
d66a5416157027af0d80f94a38147447032fc9bed79263d8ac129e8413049a44a8b1bd3d23513028cea7c4742c6dd0547b308c057c0a160c2db03aefa944c941
-
SSDEEP
12288:C3jf0sjnEhDnvQhfodTGDAg8BE7WErKzS+r:VswDvEfwtksS
-