Resubmissions

12/02/2023, 11:28

230212-nlg16ade94 10

General

  • Target

    FILE.DLL

  • Size

    640KB

  • Sample

    230212-nlg16ade94

  • MD5

    3cced5135a0e9a92004c9de71a8d510d

  • SHA1

    943b6aac6bc5346982e3dcd5373fde4d783d4042

  • SHA256

    8d6631479ff318e05f980f5768a33d45106bb1aadaf837cb45e590bf04ead3cf

  • SHA512

    aa5ae93a5a6ccc23bc062087ff1fbbff0c3dd8cfd4cb1e2f1efffaaa542763846a09253b0e42d2615b000f8ec6d8615df863b993d559e6807dec99c9b8af496b

  • SSDEEP

    12288:QljQRl3iZwl3JBrySD9CkkgC28DWl0RJK2LgAN4c1DJ92trs1tTe3+uZ:Q9WZiZCCMCkkBRDeSjcjc1DJ92ts1tiJ

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

obama235

Campaign

1675240891

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

MITRE ATT&CK Matrix

Tasks