Resubmissions

01/02/2023, 12:05

230201-n86yssfa4v 10

01/02/2023, 11:41

230201-ntxftaeh71 3

General

  • Target

    44573.dat

  • Size

    700KB

  • Sample

    230201-n86yssfa4v

  • MD5

    eda6094c4670a4fec54514694b49d5eb

  • SHA1

    7f693ba4e2d8711200891d226f0ef6a7c377856f

  • SHA256

    f122dd264e12e50f3a304d90a9d1734039159889b12f6292dc66ac1a717e4b67

  • SHA512

    e488e0356bc31805b11477283c5be1401c28a273152a1933f4785296bcfb4b150dd447db4123701f30f658ea951e3941ab7fea9a65ee864ca8825dda66af24cb

  • SSDEEP

    12288:4qwFxm3G6H4RyuHbR1MxnuTV/iV1Sd/NzQNfy:lwFxm3G6H4IuHbR1MxnuTV/iV1QmNf

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

obama234

Campaign

1675160190

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP
