General

  • Target

    download(37).dat

  • Size

    904KB

  • Sample

    230222-ydjvwsdc25

  • MD5

    06012ba09ad4c97a0411592f7ae4f814

  • SHA1

    1060a40440b71961a6342d9a3996340d715c164a

  • SHA256

    37629187db7ced00399af8f1f20e3d6a4305c8793a64ce3b7a9e1e4cc3c51d8c

  • SHA512

    eb4700c0dd1ed6ea336d97b0d88de8c950040d1452d67c9e3488c0e48b185d6cee76fd10d8abc0e1458fc31abee5c0a3a78a92947686b73039e87f3ad4e5a406

  • SSDEEP

    12288:rrhxV/xG39fx1jGrJySlVB7qZcsyc1m41OSoMhKmkxgt9peTI95kKZPj+Hmmn:xxRQfXsy0BTP4gSoMZttvWQ5kP

Malware Config

Extracted

Family

qakbot

Version

404.9

Botnet

BB16

Campaign

1677046917

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

