Resubmissions

03-05-2023 18:59

230503-xnh6nsga86 10

03-05-2023 18:34

230503-w7r29afh94 3

General

  • Target

    a42LfkJ6QAc8s9R.dat

  • Size

    332KB

  • Sample

    230503-xnh6nsga86

  • MD5

    c8c2b0c625aadd480f246fd9cbde0dea

  • SHA1

    b45046e5728f82ba549b6a637c30b969066a8c68

  • SHA256

    74001e9572641e53deebf6359e7ef90f3fd85f768c02a01200eeeaf08ead2a44

  • SHA512

    d092988399b32117a2c521dd0de0c26724568f2032a19f6c7820ecde624f2559b70866ea6905eb54c9597f85f94f463d39c3ddddbf4e6cd72699d3afd28bb80b

  • SSDEEP

    6144:HGttsygB2RWc0sVk5k6A4s9FGMReiD4DmEk5cci4j5zLgSdsg:mttsygB2RWc0sV6k6AbDGSPzqciwpPd

Malware Config

Extracted

Family

qakbot

Version

404.1035

Botnet

obama260

Campaign

1683106224

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

