General

  • Target

    default.png

  • Size

    356KB

  • Sample

    230515-w17jcsgg99

  • MD5

    fce88b20bceebd0bfed68131820efab6

  • SHA1

    0461dd044331ba548ec301930a956dbd65685d52

  • SHA256

    56460c4133222841796c34b0d177a8c5e52b71de5e37d5b1cd098823bcbe9af0

  • SHA512

    c9ee16ed2b56ba895d3e60cc0dfced304686a565c85fe2e2e273861ff4915848d31b44e53a4197534e54fe60feb60e434ce03350465eb9c8bb4176dbc7cae3cd

  • SSDEEP

    6144:q/D0Hb7UDqr1yb1tux77q/Mt12SF7GhUdHMGMIvtx77QxxgHb9VnpTBJsp3zruNt:4D0Hb7L1yb1tux77q/MW6uIvr77cgHHp

Malware Config

Extracted

Family

qakbot

Version

404.1038

Botnet

BB28

Campaign

1684145503

C2

Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP
