General

  • Target

    itsfresh.dat

  • Size

    250KB

  • Sample

    230504-l8sp3abe96

  • MD5

    1a9d42957bacf586d050739f4b1fa6f7

  • SHA1

    91a7c35c6fdf8f684b21815ff29a2745c16d901c

  • SHA256

    4acf40ba4dc505e027323e56fc1ffee7fa9909abe5186e2a8acf646069ecf290

  • SHA512

    b73cc866cde0b5ca60b121cd9347e3554dd22f35c7ea4755cb9c47af0f194a8fb8a3b66e4e60675ffe9faeef43117eebb7e0947707316f67c5da9416abcb625b

  • SSDEEP

    6144:SsUG4yxNqItF5W9XncaWDAdjaTNc8Qs3Az0tDCFHyHQT3JkYVU0ZIf2Bqp:Ssd4VItpkdjSe0AFHyw+0ZHq

Malware Config

Extracted

Family

qakbot

Version

404.1035

Botnet

BB26

Campaign

1683182516

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP
