General

  • Target

    4u.dll

  • Size

    478KB

  • Sample

    230516-q4th1sab41

  • MD5

    bb01057eca06a1c03a914a05e410eb34

  • SHA1

    fc46f2b4323e8f7b4633413014dbd4f049e66b69

  • SHA256

    da998906a392be07e2e290618bece813c1735f480b3a384d002d1ab51941aec6

  • SHA512

    410742c8b2d622c5cc4957a50f1b3b4c526ee3ae46cc730c4b205808667d19a1d9cab6cde0f7161e0c56e5f6c7dbe1f77eb5a8f1ce5df9309f0da501605e9a89

  • SSDEEP

    12288:UZcUmGsWdw0HCXs2rdu5B/WAN7rkKFoy1Q4PQX/7r2cEfarryCf82XRf5/HPjekg:sXYa2ywryCf82XRf5Kdo+mmtrL

Malware Config

Extracted

Family

qakbot

Version

404.1038

Botnet

BB28

Campaign

1684145503

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

