General

  • Target

    x.zip

  • Size

    356KB

  • Sample

    230210-q7jg8acc93

  • MD5

    68c2302cf626afc36187de1c611c596a

  • SHA1

    554d794ba19093603613d22dc00b17e9126007b4

  • SHA256

    1401d86e9f8659370bfde336b40cfa6683c79645f93aae92b2d3f8344c3bef8b

  • SHA512

    9331dc250c2a2cc1c1652452e04e70c84de94b3c610a6cff98180499758789873c89e2e267ddccb2239eb139661686dca1c1ba4189bdecedd74b8b79ad0e4cb8

  • SSDEEP

    6144:v+aWjP7jkmFYJ1LHr5F9ZgyK2a+amxFi8+z4rbxAXj7k3wsXDbU:Gai3kPLHF+yK2FrflAPwbU

Malware Config

Extracted

Family

qakbot

Version

404.506

Botnet

BB14

Campaign

1675933835

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      x.bat

    • Size

      24B

    • MD5

      4c761c8d5cfa48b9e24ca8759aa5bd6f

    • SHA1

      aa0ad683e37d9570dacd74734c2866c480d78547

    • SHA256

      4936f4877eb907b0053d88c90e3b4a277740038fcf7fa87965d4342fb51515b3

    • SHA512

      3d4fd1a28012a0c5de552dffa1dbe7e399be411273cc7ad5a174f20a705a56ba71c487bdfce1ab4576041a3389ad8827b9d0500b95ab8dca247fba42450cadd9
