General

  • Target

    608-55-0x0000000010000000-0x0000000010024000-memory.dmp

  • Size

    144KB

  • Sample

    230505-sfr2dsdb3s

  • MD5

    4bf2bd48c563bd86fa34ea30ba01d3df

  • SHA1

    2d9bac3386725e1ddee03f95b3411cfcc29348dc

  • SHA256

    1a99d1f081b81e89d5fbc23f2a2b03e8dc22ca1eb1a8d15c5e358832760cece2

  • SHA512

    afb30c1fab729939fba9d4b1a149f89246ccab8f0c5d0b176546979f6c191f42bc042dd1742c629ed2350722cba8b9ae79f31c9eb7cad133829714290772cd3e

  • SSDEEP

    3072:hg0KGh5Z8j3EzihlFsUA9QJb4VMHk8TBff5BQ:dKGJGEz+lOB2JEVMHk8TB3bQ

Malware Config

Extracted

Family

qakbot

Version

404.1035

Botnet

obama261

Campaign

1683268508

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      608-55-0x0000000010000000-0x0000000010024000-memory.dmp

    Score
    1/10
