General

  • Target

    qbot.dat

  • Size

    700KB

  • Sample

    230131-wyp7ashe84

  • MD5

    b0fcba1afd3f8db41e8992192530bbab

  • SHA1

    c10623ade6372be11a2ac8566921ccf9d672237f

  • SHA256

    9b3e176d132aebe39ee2205969f5065a21c315624a15e77fb5b1f13ff8abd6b6

  • SHA512

    180ac8a742a30ffed9ec6f6a7d635bc091c9a7b217443bd85ea290a2728aa52c7cd60a2576a8d4a5c9286d2dac5510cf024fea9e8cd3b6ee25eb931c2c789d28

  • SSDEEP

    12288:4qwFxm3G6H4RyuHbR1MxnuTV/iV1Sd/NzQNfy:lwFxm3G6H4IuHbR1MxnuTV/iV1QmNf

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

obama234

Campaign

1675160190

C2

Attributes

  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP
