General

  • Target

    1696-56-0x0000000001CB0000-0x0000000001CD4000-memory.dmp

  • Size

    144KB

  • Sample

    230515-wbn1qafb61

  • MD5

    54eeaa414446b475bf3fddc32156583f

  • SHA1

    e32663b93f9848db71af744c83ce252d6662fa7f

  • SHA256

    2b713d8dd6d8136ee2e4f08c44f5f9802fab325406112dc8adafc96275258f8f

  • SHA512

    467f6801b5996ed526b5e0a52d7bfa35763c1e4ea3f84f34e9f5f70e1dd0dbd324632579ca9c7d1434772765784298c890462fbf1c108b4fcd05990f11c4ea6b

  • SSDEEP

    3072:y/KPszyyEg+1RfV7/KwykGAe+Jy5DhoTBf/ONdTg:5m2g+7J/kkje+JsDhoTB3ONi

Score
10/10

Malware Config

Extracted

Family

qakbot

Version

404.1038

Botnet

BB27

Campaign

1683811051

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets

    • Target

      1696-56-0x0000000001CB0000-0x0000000001CD4000-memory.dmp

    • Size

      144KB

    Score
    1/10
