Overview

overview

10

Static

static

1

FfYIJfx.dat.dll

windows7-x64

10

FfYIJfx.dat.dll

windows10-2004-x64

3

Resubmissions

27-04-2023 15:17

230427-sn8zwaad3y 3

31-03-2023 14:29

230331-rt355sbb69 10

31-03-2023 14:16

230331-rk413sbb9t 3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    FfYIJfx.dat.dll

  • Size

    276KB

  • Sample

    230331-rt355sbb69

  • MD5

    35886785d255217c90ac1ad00a91d983

  • SHA1

    d98c8159dac6f16e1c227dd6d81f7d2d46cb6865

  • SHA256

    2d101cb5e071b57f48d93ad4cf1caa07199693d8073802209e6bf6e5a9188eb9

  • SHA512

    7626b80f3d9d8fb3c024c898c427119ea5d64ab7019958dadd5fba1210b408933919eb97a303942f9801e76d21845556329b8a419dd5f9ccba4445b52938b20e

  • SSDEEP

    6144:tIp4Y1c1tGUGHGJksYOFGwTwRqWzUTMfVHqpdtIO:tIp4Y1vHGJNtF5TwRqWzU9dN

Score
10/10
qakbotobama2471680268923bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

404.909

Botnet

obama247

Campaign

1680268923

C2

45.50.233.214:443

91.160.70.68:32100

47.21.51.138:443

72.200.109.104:443

49.245.95.124:2222

12.172.173.82:32101

50.68.204.71:443

92.136.51.189:2222

35.143.97.145:995

84.35.26.14:995

77.86.98.236:443

92.154.17.149:2222

76.170.252.153:995

12.172.173.82:2087

104.35.24.154:443

184.153.132.82:443

47.34.30.133:443

176.133.4.230:995

78.16.156.25:443

81.229.117.95:2222
Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      FfYIJfx.dat.dll

    • Size

      276KB

    • MD5

      35886785d255217c90ac1ad00a91d983

    • SHA1

      d98c8159dac6f16e1c227dd6d81f7d2d46cb6865

    • SHA256

      2d101cb5e071b57f48d93ad4cf1caa07199693d8073802209e6bf6e5a9188eb9

    • SHA512

      7626b80f3d9d8fb3c024c898c427119ea5d64ab7019958dadd5fba1210b408933919eb97a303942f9801e76d21845556329b8a419dd5f9ccba4445b52938b20e

    • SSDEEP

      6144:tIp4Y1c1tGUGHGJksYOFGwTwRqWzUTMfVHqpdtIO:tIp4Y1vHGJNtF5TwRqWzU9dN

    Score
    10/10
    qakbotobama2471680268923bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

1
T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks