General
-
Target
x.zip
-
Size
356KB
-
Sample
230209-vj1h2scg67
-
MD5
c08fef16d264fc84a71a61008ac00353
-
SHA1
03418e8cf3788437f00f2f4e813963b59abc184f
-
SHA256
57fca267479c0fa051389871ac2da3b93b893bed849c215eeb2cd1bde16aa4b7
-
SHA512
615796dc0aa720a024e92dae1061eb6ea2ab3dba211730e433f27fb9095bea97699c292209df0151c5c4e00311a9c04f9d8bf0bba9a608d0afeab5993039ed01
-
SSDEEP
6144:ykrQH3c6uNhrGmuzFgWMKL7/bjD3rGeJ9IgNoVXZ8wxjhmyPhVSh5jorNPjFz:ykrQXTuNhrGHHDbn7iKmJRVm2Vj9
Static task
static1
Behavioral task
behavioral1
Sample
x.bat
Resource
win7-20220812-en
Malware Config
Extracted
Family: qakbot
Version: 404.506
Botnet: obama239
Campaign: 1675927483 (Unix epoch timestamp)
C2:
174.104.184.149:443
76.170.252.153:995
171.97.42.67:443
27.0.48.205:443
83.114.60.6:2222
87.202.101.164:50000
88.126.112.14:50000
35.143.97.145:995
104.35.24.154:443
98.145.23.67:443
98.147.155.235:443
24.64.112.40:61202
24.64.112.40:2222
114.143.176.234:443
85.231.105.49:2222
181.118.206.65:995
82.127.204.82:2222
86.194.156.14:2222
108.2.111.66:995
156.217.208.137:995
71.52.53.166:443
162.248.14.107:443
12.172.173.82:995
45.50.233.214:443
24.239.69.244:443
47.21.51.138:995
73.165.119.20:443
105.99.109.4:443
74.33.196.114:443
50.68.204.71:993
12.172.173.82:20
2.82.8.80:443
90.104.22.28:2222
174.58.146.57:443
109.11.175.42:2222
81.151.102.224:443
92.154.45.81:2222
92.186.69.229:2222
12.172.173.82:465
47.34.30.133:443
69.119.123.159:2222
172.248.42.122:443
85.59.61.52:2222
49.175.72.56:443
67.70.5.159:2222
202.186.177.88:443
47.149.137.40:443
161.142.105.32:995
183.87.163.165:443
70.64.77.115:443
24.71.120.191:443
188.116.62.165:995
173.18.126.3:443
12.172.173.82:2087
123.3.240.16:995
24.64.112.40:50010
50.20.171.2:443
84.35.26.14:995
73.36.196.11:443
12.172.173.82:990
86.225.214.138:2222
67.253.226.137:995
121.121.100.207:995
86.169.203.116:443
150.107.231.59:2222
108.44.207.232:443
201.244.108.183:995
74.92.243.113:50000
24.228.132.224:2222
103.71.21.107:443
71.31.101.183:443
198.2.51.242:993
59.28.84.65:443
88.111.182.118:2222
50.68.204.71:995
76.80.180.154:995
12.172.173.82:32101
58.247.115.126:995
72.203.216.98:2222
2.88.198.90:995
81.229.117.95:2222
86.98.44.165:2222
116.72.250.18:443
136.232.184.134:995
103.123.221.16:443
103.141.50.102:995
202.142.98.62:995
116.75.63.229:443
103.42.86.238:995
70.59.2.118:443
80.0.74.165:443
184.176.35.223:2222
217.165.186.116:2222
47.21.51.138:443
136.244.25.165:443
125.99.69.178:443
70.160.80.210:443
86.98.20.139:443
50.67.17.92:443
85.61.165.153:2222
73.161.176.218:443
12.172.173.82:50001
86.250.12.217:2222
176.142.207.63:443
24.64.112.40:3389
75.143.236.149:443
72.80.7.6:995
208.187.122.74:443
70.77.116.233:443
31.190.67.185:443
103.252.7.228:443
50.68.186.195:443
50.68.204.71:443
75.156.125.215:995
188.176.170.61:443
70.27.104.2:2222
98.37.25.99:443
67.61.71.201:443
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
x.bat
-
Size
24B
-
MD5
4c761c8d5cfa48b9e24ca8759aa5bd6f
-
SHA1
aa0ad683e37d9570dacd74734c2866c480d78547
-
SHA256
4936f4877eb907b0053d88c90e3b4a277740038fcf7fa87965d4342fb51515b3
-
SHA512
3d4fd1a28012a0c5de552dffa1dbe7e399be411273cc7ad5a174f20a705a56ba71c487bdfce1ab4576041a3389ad8827b9d0500b95ab8dca247fba42450cadd9
-