General

  • Target

    230501-ncevfaapjs_pw_infected.zip

  • Size

    267KB

  • Sample

    230504-mr6q2abg42

  • MD5

    cad74f42ef76ffab8e0e13b9fcc010ca

  • SHA1

    7b65635e26874fe6ced6a36ba1b14191de7fa1db

  • SHA256

    44d9e8a18f0444fc2604d413b91c441ea64501ccbc9e5e941c08a7dd736bc6f1

  • SHA512

    95ab77eae66a7b1805290ad5d170fe88d6ecd984a355442b7fcef1777c639d4c63c81c0463e38fab835eaff79982846f6ffc07424e4c47901f2d59d81427b027

  • SSDEEP

    6144:M/ICWRylPi6MT+hYZElZf5xTBKHIKmoq2+1HbJ3LOE7iAJ:MgdiPi6MiYZa9Ku28tiNAJ

Malware Config

Extracted

Family

qakbot

Version

404.1026

Botnet

obama256

Campaign

1682410355

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      akujulaheq1znfv.dat

    • Size

      484KB

    • MD5

      6725bb4f61228f18b17670b049efbd8c

    • SHA1

      60e5654c97b7a824b7b9d99094f5ed6f1ff7eb37

    • SHA256

      8a0e07b73dfb57c9ef67ea9dc15c2e6c00c88af5bdb44ecf5c4996373b2c4903

    • SHA512

      73e7b72a6b6360a5f25d5e2812aef209bc7b18d3397fc4d1b34de12f316afd3671d27afe14be6728e81d4ea8bfac0e647925d98a79cc4daa44649890bf32e074

    • SSDEEP

      12288:PktrSicS34lshdebVXcqf8FJfDIHx8osKFlGE:MtrSFS3D0xjf8FJbA8osKFP

    Score
    6/10
    • Target

      run.bat

    • Size

      48B

    • MD5

      f8a11212caf7bb0b678009099edb77ba

    • SHA1

      a3caedf69f3a72490b5d519e61b44810576501ef

    • SHA256

      8354444c2731226b88ba03e35784862e591249a5cb14a27c31fc0cb3aed89275

    • SHA512

      dadd00a61185265187a7ecf3a792b7764f69d2e8fa3d9ded31d6f5d721228213b57ed57d98853e59428bcefa001a0942295eb596b79b14264f5101419be64a0b
