General

  • Target

    x

  • Size

    358KB

  • Sample

    230515-vramlagf26

  • MD5

    274f5342dc27d798e2fc8873ce40e99f

  • SHA1

    dffcc060115248237cd90c1cf3a23d2631db136e

  • SHA256

    34a9e75937568a00ef684efff6985251b7b9d9c65159c756ea7e9d4eb665d9ab

  • SHA512

    fc036ed531ca9afda2419f9da4b664be4e04ebc5200f33a2d1d8f46a37b15583e692c00b7f1302a70fad2a129fbefe886ec91599c9fd12adc0318581eda8b4d8

  • SSDEEP

    6144:a/D0Hb7UDqr1yb1tux77q/Mt12SF7GhUdHMGMIvHQgx77QxxgHb9VnpTBJjT8UZ:oD0Hb7L1yb1tux77q/MW6uIvwO77cgHa

Malware Config

Extracted

Family

qakbot

Version

404.1038

Botnet

obama263

Campaign

1684141535

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP
