General

  • Target

    x.zip

  • Size

    191KB

  • Sample

    230209-sf1crsgg46

  • MD5

    eec3e03cf563e38fe1cb323554582030

  • SHA1

    4ee43b6b83c3751dac2a2071385004a4917ef2fb

  • SHA256

    edefe883addbe471101c621193325707a62f5504668ccca425b6418cc15b3fef

  • SHA512

    19628d94d6561541cda998b07800c6415238931b74ab23e5a002afed9f822d200a82785ce53894f4355dfba67195705b9e7789711cf2f3ac48e2cb89962ad5d0

  • SSDEEP

    3072:20Pz6VFZphem2ezK1TytOVEygmC6wbzetJ8sQkN924jz1a2fCDRh9V0l0/WdIaN4:b6FAPIK1Tyt0+j6wXetqsQk2kzfCFrV3

Malware Config

Extracted

Family

qakbot

Version

404.506

Botnet

BB14

Campaign

1675872307

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      x.bat

    • Size

      24B

    • MD5

      4c761c8d5cfa48b9e24ca8759aa5bd6f

    • SHA1

      aa0ad683e37d9570dacd74734c2866c480d78547

    • SHA256

      4936f4877eb907b0053d88c90e3b4a277740038fcf7fa87965d4342fb51515b3

    • SHA512

      3d4fd1a28012a0c5de552dffa1dbe7e399be411273cc7ad5a174f20a705a56ba71c487bdfce1ab4576041a3389ad8827b9d0500b95ab8dca247fba42450cadd9

MITRE ATT&CK Matrix

Tasks