General

  • Target

    x.zip

  • Size

    244KB

  • Sample

    230307-zmtbcsbd7x

  • MD5

    088f1a0ac0433a546fcc946b25305477

  • SHA1

    d74508396b7b34538d6dc6a100ba01b04a9bcffe

  • SHA256

    d78b46dd7cf819431e921ad44bf2af3e14b838a8e94ed22a52d1cb74a06f5c9d

  • SHA512

    6a444dbca2d81cf46c42312fa262a1e08638943d6cbdf5eef11834a9df9c619e75344d13471a1030623d31c660cd9b2d839e09d4d0fbfbebde7b67abc4ae19c7

  • SSDEEP

    6144:oZQbUe8Jgjx/LDsonC40xx2Ps4GjAzh7MZaGYun3YCpG:fgChsvP2Psz8iZaGzoC8

Malware Config

Extracted

Family

qakbot

Version

404.222

Botnet

BB18

Campaign

1678202783

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      x.bat

    • Size

      24B

    • MD5

      2b2ef25b695683a82fe6d92a2c3e8994

    • SHA1

      c3c9911c6a780735ca6fcb074659495bb60601f4

    • SHA256

      7ae33cf772296474b192ffa57970bb02d937582c5a40547e230ac2246ad5222f

    • SHA512

      c557aa90f04a1729d101588044ec76c273036015cbc4d2a029bab803f8ad1c0397d92627127d926d36676086baee03dc5584af80222d13fe5bdcb2409586e4bf
