General
-
Target
icule40_orig.dll
-
Size
332KB
-
Sample
230503-ta886ahb4v
-
MD5
401e607ca4648c0872a7f70baeadc7a3
-
SHA1
44bb4c18341acac6f8ca05bb1ea6775f71efcb32
-
SHA256
03ccfe67f7596c9babc3dba852733dcdacc9e20dcabcc636c74bd194cc18ba3b
-
SHA512
da5be245b7e1e4eb7b9f1a370b281f563301e480dbee9214afd4ffb1ce229514a4598568eae152cfd839072c5b2ef98cf3f2f917ac43325a8692ac7195f43f24
-
SSDEEP
6144:zGttsygB2RWc0sVkck6A4s9FGMReiD4DmELZ7e+piYE60W9OCdD:ittsygB2RWc0sVHk6AbDGSPYBpiN43d
Static task
static1
Behavioral task
behavioral1
Sample
icule40_orig.dll
Resource
win7-20230220-en
Malware Config
Extracted
qakbot
404.1035
BB26
1683108322
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP
Targets
-
-
Target
icule40_orig.dll
-
Drops file in System32 directory
-