General

  • Target

    522381.dat

  • Size

    904KB

  • Sample

    230222-tc428acd94

  • MD5

    cf54e75222a80b10a0485243a3fa1863

  • SHA1

    b100a2b686b9ff2fd065a1c366fb0d83826af1fa

  • SHA256

    65f43065cbe4c067746cdb85b082a6166d32559bd5fe397b6e70dd39fd887c3e

  • SHA512

    21914d084f15ed0d0214dc8119f9891b1e09220d325359eb2fc583df79f00ef4201b33a929f67164f4e8cc73d96bd820b135c6be3cb1ed7fc0e522f546e21a76

  • SSDEEP

    12288:4rNxV/xG39fx1jGrJySlVB7qZcsyc1m41OSoMMxM6/+Hmmn:YxRQfXsy0BTP4gSoMMxRs

Malware Config

Extracted

Family

qakbot

Version

404.9

Botnet

obama241

Campaign

1677046861

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP
