General
-
Target
c59d033fa3a58112f7520113699c74552c4d12bb10783fa880359ec94affe2a1
-
Size
2.1MB
-
Sample
230315-tbkxysgc6v
-
MD5
adfa9e13af7bff7b9304de834dc620e6
-
SHA1
1eceee464aefad0708f1e5ddcd0550b25da32fe0
-
SHA256
c59d033fa3a58112f7520113699c74552c4d12bb10783fa880359ec94affe2a1
-
SHA512
c3e459751cd7d36c6fe6934d03144536a3d0f6f85318bf14f798a6ea9d5bee2adf68cb20d2c9ecf861a9bd96b5fd75750fcf283f8fe17a878f19ab7706692c66
-
SSDEEP
3072:DNoM+4+Kci5Cbw8IsklTVhKAgUbV6RWWuZ:DW0NHmt9klHb4
Static task
static1
Behavioral task
behavioral1
Sample
c59d033fa3a58112f7520113699c74552c4d12bb10783fa880359ec94affe2a1.dll
Resource
win7-20230220-en
Malware Config
Extracted
qakbot
401.62
abc107
1607078484
32.212.117.188:443
109.205.204.229:2222
72.36.59.46:2222
173.18.126.193:2222
96.225.88.23:443
89.137.211.239:443
110.142.205.182:443
82.76.47.211:443
193.83.25.177:995
67.40.253.209:995
73.244.83.199:443
2.90.186.243:995
189.252.62.238:995
141.237.135.194:443
82.78.70.128:443
185.125.151.172:443
79.117.239.22:2222
86.189.252.131:2222
83.114.243.80:2222
2.50.56.81:443
191.84.4.150:443
83.202.68.220:2222
184.98.97.227:995
96.21.251.127:2222
58.179.21.147:995
200.75.136.78:443
37.21.231.245:995
81.97.154.100:443
185.105.131.233:443
45.32.165.134:443
140.82.27.132:443
45.32.162.253:443
201.127.76.175:2222
86.122.248.164:2222
67.141.11.98:443
73.51.245.231:995
37.116.152.122:2078
111.95.212.237:2222
172.87.157.235:3389
116.240.78.45:995
68.131.19.52:443
93.149.253.201:2222
78.187.125.116:2222
86.121.43.200:443
82.76.238.65:2222
84.232.252.202:2222
184.21.136.237:995
37.234.175.105:995
80.14.22.234:2222
24.179.13.119:443
46.209.237.214:995
71.163.223.144:443
86.98.34.84:995
41.239.180.69:993
195.97.101.40:443
2.7.202.106:2222
103.102.100.78:2222
65.131.47.74:995
37.171.1.224:0
79.166.96.86:2222
83.110.74.173:443
120.150.218.241:443
161.142.217.62:443
180.233.150.134:443
182.161.6.57:3389
164.155.230.98:443
85.105.29.218:443
151.27.126.133:443
217.162.149.212:443
92.154.83.96:2087
105.198.236.99:443
72.66.47.70:443
211.24.72.253:443
118.160.160.116:443
72.28.255.159:995
86.97.162.141:2222
92.154.83.96:2222
68.46.142.48:995
47.196.192.184:443
24.218.181.15:443
24.43.22.220:993
193.248.154.174:2222
173.21.10.71:2222
75.136.40.155:443
67.61.157.208:443
125.63.101.62:443
2.51.246.190:995
98.121.187.78:443
172.78.30.215:443
160.3.184.253:443
78.162.70.119:443
80.11.5.65:2222
78.63.226.32:443
81.214.126.173:2222
80.195.103.146:2222
174.87.65.179:443
136.232.34.70:443
86.245.87.251:2078
47.146.34.236:443
24.95.61.62:443
87.218.53.206:2222
176.45.218.26:995
197.86.204.84:443
78.101.145.96:61201
174.62.13.151:443
37.106.7.7:443
81.150.181.168:2222
94.69.112.148:2222
151.33.226.156:443
109.154.193.21:2222
69.181.191.232:443
96.40.175.33:443
79.115.171.106:2222
217.128.117.218:2222
87.115.120.176:2222
89.137.77.237:443
47.21.192.182:2222
81.133.234.36:2222
62.38.114.12:2222
94.52.160.116:443
181.129.155.10:443
84.117.176.32:443
151.75.13.83:443
45.63.107.192:2222
197.135.156.41:443
78.181.19.134:443
71.10.43.79:443
92.154.83.96:2078
144.202.38.185:995
149.28.99.97:2222
149.28.98.196:443
144.202.38.185:443
149.28.98.196:995
92.154.83.96:1194
149.28.99.97:443
89.137.211.72:443
45.63.107.192:995
149.28.98.196:2222
144.202.38.185:2222
203.106.195.67:443
162.157.19.33:2222
98.124.76.187:443
122.59.40.31:443
199.116.241.147:443
121.58.199.24:443
120.151.95.167:443
85.132.36.111:2222
75.136.26.147:443
24.27.82.216:2222
94.69.242.254:2222
-
salt
jHxastDcds)oMc=jvh7wdUhxcsdt2
Targets
-
-
Target
c59d033fa3a58112f7520113699c74552c4d12bb10783fa880359ec94affe2a1
-
Size
2.1MB
-
MD5
adfa9e13af7bff7b9304de834dc620e6
-
SHA1
1eceee464aefad0708f1e5ddcd0550b25da32fe0
-
SHA256
c59d033fa3a58112f7520113699c74552c4d12bb10783fa880359ec94affe2a1
-
SHA512
c3e459751cd7d36c6fe6934d03144536a3d0f6f85318bf14f798a6ea9d5bee2adf68cb20d2c9ecf861a9bd96b5fd75750fcf283f8fe17a878f19ab7706692c66
-
SSDEEP
3072:DNoM+4+Kci5Cbw8IsklTVhKAgUbV6RWWuZ:DW0NHmt9klHb4
-
Loads dropped DLL
-