General
-
Target
a99cc099b6f3aba69cfbf5622a49a3a18656ef37aede59f602592e474feb33a1
-
Size
5.3MB
-
Sample
230129-r77qgsbe86
-
MD5
355f26c227eb69420a10178dc4256e5d
-
SHA1
a0d4518b19d76d5eabdb815c02228821160dc05c
-
SHA256
a99cc099b6f3aba69cfbf5622a49a3a18656ef37aede59f602592e474feb33a1
-
SHA512
bc293a5085b9a55d06a0e4177d7bbc02a27c5dc508114929559db4d38623af78df79146b7d10ae3ee9622d0cc06d9a037be858b9b283e28c5fbef02bcfe1b32f
-
SSDEEP
12288:WP7EiG90hJb9OWf/90yzhmasNmQnH22QG:eiH2O
Static task
static1
Behavioral task
behavioral1
Sample
a99cc099b6f3aba69cfbf5622a49a3a18656ef37aede59f602592e474feb33a1.vbs
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
a99cc099b6f3aba69cfbf5622a49a3a18656ef37aede59f602592e474feb33a1.vbs
Resource
win10v2004-20220901-en
Malware Config
Extracted
qakbot
323.91
spx18
1570091485
Targets
-
-
Target
a99cc099b6f3aba69cfbf5622a49a3a18656ef37aede59f602592e474feb33a1
-
Turns off Windows Defender SpyNet reporting
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-