General

  • Target

    dropthatboris.dat

  • Size

    334KB

  • Sample

    230503-t6y33afd49

  • MD5

    ec6bf63f1f3b1dd62e22764010c19c87

  • SHA1

    16e2dfe8765b41c9e645823dcff501f7a4aaf340

  • SHA256

    9fc7763a469121cd1cf7a7118c00f04f92005367a3e31752b51e42ee8c886ab5

  • SHA512

    06586a91351c478777309c2eebcb3ac65afc618b3c51e60d5c2f34ae9afb6785efa984a5378b620f42746130510d42819e5df1eb2af577569d5ab7f5cb56d165

  • SSDEEP

    6144:zGttsygB2RWc0sVkck6A4s9FGMReiD4DmELZ7e+piYE60W9OCdP:ittsygB2RWc0sVHk6AbDGSPYBpiN43d

Malware Config

Extracted

Family

qakbot

Version

404.1035

Botnet

BB26

Campaign

1683108322

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

