General
Target: x.zip
Size: 191KB
Sample: 230209-sf1crsgg46
MD5: eec3e03cf563e38fe1cb323554582030
SHA1: 4ee43b6b83c3751dac2a2071385004a4917ef2fb
SHA256: edefe883addbe471101c621193325707a62f5504668ccca425b6418cc15b3fef
SHA512: 19628d94d6561541cda998b07800c6415238931b74ab23e5a002afed9f822d200a82785ce53894f4355dfba67195705b9e7789711cf2f3ac48e2cb89962ad5d0
SSDEEP: 3072:20Pz6VFZphem2ezK1TytOVEygmC6wbzetJ8sQkN924jz1a2fCDRh9V0l0/WdIaN4:b6FAPIK1Tyt0+j6wXetqsQk2kzfCFrV3
Static task: static1
Behavioral task: behavioral1
Sample: x.bat
Resource: win7-20220812-en
Malware Config
Extracted
qakbot
404.506
BB14
1675872307
salt: SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
Target: x.bat
Size: 24B
MD5: 4c761c8d5cfa48b9e24ca8759aa5bd6f
SHA1: aa0ad683e37d9570dacd74734c2866c480d78547
SHA256: 4936f4877eb907b0053d88c90e3b4a277740038fcf7fa87965d4342fb51515b3
SHA512: 3d4fd1a28012a0c5de552dffa1dbe7e399be411273cc7ad5a174f20a705a56ba71c487bdfce1ab4576041a3389ad8827b9d0500b95ab8dca247fba42450cadd9