General

  • Target

    x.zip

  • Size

    356KB

  • Sample

    230209-vj1h2scg67

  • MD5

    c08fef16d264fc84a71a61008ac00353

  • SHA1

    03418e8cf3788437f00f2f4e813963b59abc184f

  • SHA256

    57fca267479c0fa051389871ac2da3b93b893bed849c215eeb2cd1bde16aa4b7

  • SHA512

    615796dc0aa720a024e92dae1061eb6ea2ab3dba211730e433f27fb9095bea97699c292209df0151c5c4e00311a9c04f9d8bf0bba9a608d0afeab5993039ed01

  • SSDEEP

    6144:ykrQH3c6uNhrGmuzFgWMKL7/bjD3rGeJ9IgNoVXZ8wxjhmyPhVSh5jorNPjFz:ykrQXTuNhrGHHDbn7iKmJRVm2Vj9

Malware Config

Extracted

Family

qakbot

Version

404.506

Botnet

obama239

Campaign

1675927483

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      x.bat

    • Size

      24B

    • MD5

      4c761c8d5cfa48b9e24ca8759aa5bd6f

    • SHA1

      aa0ad683e37d9570dacd74734c2866c480d78547

    • SHA256

      4936f4877eb907b0053d88c90e3b4a277740038fcf7fa87965d4342fb51515b3

    • SHA512

      3d4fd1a28012a0c5de552dffa1dbe7e399be411273cc7ad5a174f20a705a56ba71c487bdfce1ab4576041a3389ad8827b9d0500b95ab8dca247fba42450cadd9
