General
Target: XyU8ZgqTP.dll.bin
Size: 627KB
Sample: 230511-xh539aaa88
MD5: 8913a9551b5895bd57370f88274c80c2
SHA1: 111d5ca894dc029d576a779a4b20ee5728a5db75
SHA256: 0bb71786dd42fced85fd4d47da823753e83a5cb6af260bf67bb116905c8328d3
SHA512: 684acadf678a8aee29df09c80d1f121474cc00d316b6f8407bc99e76f20ff7a54d3f1c6b3fdbcd56e494b07a1908fd83c57a3148970da839d6f4668820363e92
SSDEEP: 12288:qzbDRgCdJy+vKjt/hp2JIdK6DOAj/di+I/dzAwuFQ5fC:qXVgoy+YdbKh6DOAjVi6wuFQ5fC
Static task
static1
Behavioral task
behavioral1
Sample
XyU8ZgqTP.dll
Resource
win7-20230220-en
Malware Config
Extracted
qakbot
404.1038
BB27
1683811051
-
salt
SoNuce]ugdiB3c[doMuce2s81*uXmcvP