Resubmissions

14-02-2023 11:56

230214-n4ad2ace4y 10

09-02-2023 19:59

230209-yqlv1sah97 3

General

  • Target

    suspicious.dll

  • Size

    1.7MB

  • Sample

    230214-n4ad2ace4y

  • MD5

    ace1226b3f17cf0cb6e6c3ceae7b95d8

  • SHA1

    369ca9e31a31709641c2491bb895d55b20d5c90c

  • SHA256

    a5fc814ab0a22c9684cb7587ffed6a7188e0a061ef4a268b4997e38a5f86aabd

  • SHA512

    dba25ddeffe58e9258ce39aa3bd1509b6ce115fb6f097992fcce97134f8c7a212dfe5a4061c5c5fadaeba131b3336ccdb3cd79aa01dc53b4f063f6ebd7212540

  • SSDEEP

    24576:nrj3nPW3ednWPiT8VTBqcATV8KIyydLXGcq8z+0uaEYmgE7v99de7:f3nCeCiT8aHxyM18z+XatEh9de

Malware Config

Extracted

Family

qakbot

Version

404.432

Botnet

BB12

Campaign

1675417198

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

MITRE ATT&CK Matrix

Tasks