General

  • Target

    x.zip

  • Size

    235KB

  • Sample

    230214-rprxbaea52

  • MD5

    7142c4d6a67a1237beadce3a038b5a1d

  • SHA1

    c768ccf3e594ca66b47f82e1f2fadf944d5d3fd3

  • SHA256

    df0376db0a25a450ede35e98198a5c3a0effee46c721f6ba2f8242a48633aa18

  • SHA512

    6b5db202135911d890069d30c7db2cd2b1f2fef607607c638b3cfa4fa7964dc52c64b306a0666d7fef6ace937ca60340d1239ea96b51b08ac7a771ef0048e027

  • SSDEEP

    6144:dL5227LoH8EOt94TURSi9mx7IK66yssIAdCa:ZY2gcEW94TNTxsIAdr

Malware Config

Extracted

Family

qakbot

Version

404.506

Botnet

BB14

Campaign

1676025438

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      x.bat

    • Size

      24B

    • MD5

      4c761c8d5cfa48b9e24ca8759aa5bd6f

    • SHA1

      aa0ad683e37d9570dacd74734c2866c480d78547

    • SHA256

      4936f4877eb907b0053d88c90e3b4a277740038fcf7fa87965d4342fb51515b3

    • SHA512

      3d4fd1a28012a0c5de552dffa1dbe7e399be411273cc7ad5a174f20a705a56ba71c487bdfce1ab4576041a3389ad8827b9d0500b95ab8dca247fba42450cadd9

MITRE ATT&CK Matrix

Tasks