General

  • Target

    qakbot.png

  • Size

    640KB

  • Sample

    230201-s637caad76

  • MD5

    31f754df5f65d828366f42dcce06e41e

  • SHA1

    d7187a81a88b1deb2906868075fde3ffe0e2fcf6

  • SHA256

    ee79d9d031a192836b419836394f8870a1bb941febd9da118ef2f9455345def4

  • SHA512

    5d0f633b6cca7a69ea130f4395c4ca09e0148c14ad9be42806d04fb05fe677bb8f29fa81969e5726196ee415e9d36b00547c4339b2d659411448b65ffebd2ed6

  • SSDEEP

    12288:QljQRl3iZwl3JBrySD9CkkgC28DWl0RJK2LgAN4c1DJ92trs1tTV3+uZ:Q9WZiZCCMCkkBRDeSjcjc1DJ92ts1txJ

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

obama235

Campaign

1675240891

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP
