Resubmissions

01/02/2023, 12:57

230201-p7ch8sfb6w 10

01/02/2023, 12:53

230201-p4pz6afb4z 1

General

  • Target

    23438.dat.zip

  • Size

    364KB

  • Sample

    230201-p7ch8sfb6w

  • MD5

    180dc2970a8a79994a8035aca6abb3fa

  • SHA1

    d4c6d1e083ed42333ff1e388eb0879128d81d63d

  • SHA256

    c4edbe7058ee2c2183f2ff96e75848abfcd295e19ca04548f4ed3bd60fb00516

  • SHA512

    28ade61eb6f69319a35f2a702b0879e67e1ded7a4deab4b393c984c6a69b31248dd7c3ba7b95fbc82954fc4f892e60a59c8d26d8790be1dc5f442133b1458878

  • SSDEEP

    6144:y4C1hLLCl0I3kKH2ANH1jKhkLqEGEoIenfwDZY2IcsmxRPpZQ8HKAq:TC1hyKiWA58hkuUwfQxRPTpKAq

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

obama235

Campaign

1675240891

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      23438.dat

    • Size

      640KB

    • MD5

      b93b6cf73dcafcd08ab1ff1437d72bff

    • SHA1

      3ba79e19c0cdebaea0b91d8b8703b98879272c07

    • SHA256

      8d6a0eeb36746ef1760f53a9bde11e4062ee2be2212a8da69475c6e9658ab04a

    • SHA512

      4fc0ef672eb6ff5ca1ed9d6902f0a353d6ede16a40bc35c81f8cbad0acbd65b5351be2ece50224fd6a66fb866d494c21734db3829b6a5db94f93eb09baec6bb9

    • SSDEEP

      12288:QljQRl3iZwl3JBrySD9CkkgC28DWl0RJK2LgAN4c1DJ92trs1tTb3+uZ:Q9WZiZCCMCkkBRDeSjcjc1DJ92ts1t3J

MITRE ATT&CK Matrix

Tasks