General

  • Target

    22222.dat

  • Size

    899KB

  • Sample

    230505-plgk3aad75

  • MD5

    5fb9a9ab58dfa190df81e7eb13d8171b

  • SHA1

    72abdd1e7739a5f2abec44be658d6535aba5c5fa

  • SHA256

    c56b4ec4692dee99616e4b9b7cdee43bfc66fc06f03ef27b471a7dd76162e92a

  • SHA512

    df002a38bd7639bb39752ae3d961bc56a1cfe05a185112470668bfec0d2b62b60a267a06ef06a4bbc18a9634d241fcacbc0c5f7b0b15bb5ea83e16272df706a5

  • SSDEEP

    24576:sHA2XMYABs772W/8vLc/9sgR+OVnh8gt42vCkzeztwPOfQWy5UuxVFLqsp:UMYABC8vLc/2jA8gpUuxVFLqW

Malware Config

Extracted

Family

qakbot

Version

404.1035

Botnet

obama261

Campaign

1683268508

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

