General
-
Target
x.zip
-
Size
244KB
-
Sample
230307-zmtbcsbd7x
-
MD5
088f1a0ac0433a546fcc946b25305477
-
SHA1
d74508396b7b34538d6dc6a100ba01b04a9bcffe
-
SHA256
d78b46dd7cf819431e921ad44bf2af3e14b838a8e94ed22a52d1cb74a06f5c9d
-
SHA512
6a444dbca2d81cf46c42312fa262a1e08638943d6cbdf5eef11834a9df9c619e75344d13471a1030623d31c660cd9b2d839e09d4d0fbfbebde7b67abc4ae19c7
-
SSDEEP
6144:oZQbUe8Jgjx/LDsonC40xx2Ps4GjAzh7MZaGYun3YCpG:fgChsvP2Psz8iZaGzoC8
Static task
static1
Behavioral task
behavioral1
Sample
x.bat
Resource
win7-20230220-en
Malware Config
Extracted
qakbot
404.222
BB18
1678202783
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
x.bat
-
Size
24B
-
MD5
2b2ef25b695683a82fe6d92a2c3e8994
-
SHA1
c3c9911c6a780735ca6fcb074659495bb60601f4
-
SHA256
7ae33cf772296474b192ffa57970bb02d937582c5a40547e230ac2246ad5222f
-
SHA512
c557aa90f04a1729d101588044ec76c273036015cbc4d2a029bab803f8ad1c0397d92627127d926d36676086baee03dc5584af80222d13fe5bdcb2409586e4bf
-