General
Target: x.zip
Size: 356KB
Sample: 230210-q7jg8acc93
MD5: 68c2302cf626afc36187de1c611c596a
SHA1: 554d794ba19093603613d22dc00b17e9126007b4
SHA256: 1401d86e9f8659370bfde336b40cfa6683c79645f93aae92b2d3f8344c3bef8b
SHA512: 9331dc250c2a2cc1c1652452e04e70c84de94b3c610a6cff98180499758789873c89e2e267ddccb2239eb139661686dca1c1ba4189bdecedd74b8b79ad0e4cb8
SSDEEP: 6144:v+aWjP7jkmFYJ1LHr5F9ZgyK2a+amxFi8+z4rbxAXj7k3wsXDbU:Gai3kPLHF+yK2FrflAPwbU
Static task: static1
Behavioral task: behavioral1
Sample: x.bat
Resource: win7-20221111-en
Malware Config
Extracted
qakbot
404.506
BB14
1675933835
salt: SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
Target: x.bat
Size: 24B
MD5: 4c761c8d5cfa48b9e24ca8759aa5bd6f
SHA1: aa0ad683e37d9570dacd74734c2866c480d78547
SHA256: 4936f4877eb907b0053d88c90e3b4a277740038fcf7fa87965d4342fb51515b3
SHA512: 3d4fd1a28012a0c5de552dffa1dbe7e399be411273cc7ad5a174f20a705a56ba71c487bdfce1ab4576041a3389ad8827b9d0500b95ab8dca247fba42450cadd9