General

  • Target

    raw.dll

  • Size

    950KB

  • Sample

    230530-3c86lscd6t

  • MD5

    424506237ad20f9c0521c53affaee30b

  • SHA1

    df6fe5b4daa2e664f0cdcd01d46ee83a27c0f367

  • SHA256

    1cdd893f8ffcb29db0452fae042c4c2778bc565d7bcaacc0b2903e5ae8b9d4c4

  • SHA512

    24b89814e475f922ee5fa2a22cd5e9d2d51043b6dacf828e0ef3aed3a786de40f8cb56d1b1ee5c47f01e06d2cf5500b9f7832fc438ea115304fc7cdfed66d30b

  • SSDEEP

    24576:D7AkdHt+UnNtqbVotX4Dw/9JGCZdBK/+NYouXFPn/yd4c:DZ8RDwlJGoY7Xc

Malware Config

Extracted

Family

qakbot

Version

404.1320

Botnet

BB30

Campaign

1685433861

C2


