Resubmissions

13/02/2023, 15:47

230213-s8dz8sec55 10

13/02/2023, 15:43

230213-s5xceaec35 3

General

  • Target

    09.gif.dll

  • Size

    525KB

  • Sample

    230213-s8dz8sec55

  • MD5

    5aeb6e164f5c212e21d629c0ea46f48f

  • SHA1

    06a1743819db332d3c196a6960b90301c638171e

  • SHA256

    7272f3b71091a0188f10030287ca1e2b6689b6cfd7c91d400bd7d1a4d55213e5

  • SHA512

    d17af00dfa92745e41ad39567fc63bd8d1bec29f5ef856dab9aee317017e09fe565c99fb675999fc7ac9ddea48ff72c87d802c2b34e29fb7a390b49fc493fc47

  • SSDEEP

    12288:XPkOXczzPUMZClzjzbumfoEG1Tn2AK2Y0yC7+:XOnfClzjnum/G1TnVek

Malware Config

Extracted

Family

qakbot

Version

404.506

Botnet

BB15

Campaign

1676282502

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

MITRE ATT&CK Enterprise v6

Tasks