General
Target: blanketing.sql
Size: 853KB
Sample: 230116-khfr5scc84
MD5: 7663706532726cd7a8154385d8565c2c
SHA1: 0fcb33db3e7effa8f4eb774c6768339d4cf872b2
SHA256: 1c5df2b7a2a245b48f08b2f2959d5019c8c981a3a2ee9c3bf09e0ad92153f3a4
SHA512: e4ca98cc262718a24f74747c34928707fac77b18bc23476a7622a4c65dae245e0ebe933210975b08057216ee6481e8d06db7ba6f13c16d49ee2cb39c35c070d5
SSDEEP: 12288:B6sCyCCU5YRsOZtxR0DCnEIve6q5W+emDoTh6gadDq1zBnEXX:BDC7CLfMDiV3qIpmDo9uDCdkX

Static task: static1

Behavioral task: behavioral1
Sample: blanketing.dll
Resource: win7-20220812-en

Malware Config
Extracted
qakbot
404.46
obama229
1671092705
salt: SoNuce]ugdiB3c[doMuce2s81*uXmcvP