General

  • Target

    GiveItSomeTimeBoris.dat

  • Size

    317KB

  • Sample

    230502-zh2ryaec5y

  • MD5

    a38c775ea2895b5e73f0e9b603e4f45e

  • SHA1

    10bc2fc803d1888ce9ae910e6a5882b296220716

  • SHA256

    1e9e97f45143f1135c52fa930ea2836a6eed8093c4db45906e4ce9178c03b312

  • SHA512

    2d42acc776f5c4320c2f010e189b2969e3f9c544f64ca08d71c8f32845f536c279389b14a2e734fa266964189cf0ab4cf6a65452efd42ebd16229d4e3ab1a6d8

  • SSDEEP

    6144:IynKe1U6ybW6cShRZuWYteU/0luNwOGJptI+hLb4LGSKoJ/5PvV:ICjOi6DuRltOEGLELGSXzn

Malware Config

Extracted

Family

qakbot

Version

404.1035

Botnet

BB26

Campaign

1683023161

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

MITRE ATT&CK Enterprise v6

Tasks