General

  • Target

    vodka.dat

  • Size

    904KB

  • Sample

    230222-r47ajscb58

  • MD5

    90b59e8869054f43865a657c76dbd96a

  • SHA1

    6f9df1f3c8ddbce9dcd1fdf414368a978d158780

  • SHA256

    ec9432b9b9269bf5aba8184aace6ec512d2dc69ab436fffe4adbe357650dbed3

  • SHA512

    f4bf5a13ddde922e61f71c45532373bc460936561c8c0cbbe526689a2c90afa5636eb53310014e739bd9a16de0195fe0f6aef1bd85d2df42c1c9500f1e68daf7

  • SSDEEP

    12288:4rNxV/xG39fx1jGrJySlVB7qZcsyc1m41OSoMMxM6G+Hmmn:YxRQfXsy0BTP4gSoMMxRf

Malware Config

Extracted

Family

qakbot

Version

404.9

Botnet

obama241

Campaign

1677046861

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

