General

  • Target

    ef355f0b4d71fa33e0432226ee09c0dc04c2e8543937147ec55209589e3b0a7d.dll

  • Size

    133KB

  • Sample

    230222-r1c8ascb39

  • MD5

    3497c5a08a38df13ae3b4778034fc83a

  • SHA1

    ac8aad5e41290481ae00e8bd6c89e55316ae3337

  • SHA256

    ef355f0b4d71fa33e0432226ee09c0dc04c2e8543937147ec55209589e3b0a7d

  • SHA512

    b37ec0ef6c35d034a345c5b5247cb493c0e4d16c6ec55c0c01dcf7837fd37abf415c7f440b7e3a3b84e9fe712291b4a6224c70473402adba742869f604a08eb1

  • SSDEEP

    3072:3bZACs0bYJJZAGL6a+J5iLsvz+4rgCBojVXwmqgAeJzjnfwTBfPLfIcUR:3bd4JZAcFC8kVeJ/nfwTBHccW

Malware Config

Extracted

Family

qakbot

Version

404.9

Botnet

obama241

Campaign

1677046861

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

