General

  • Target

    broomsticks.dat

  • Size

    358KB

  • Sample

    230531-r3t9laga6t

  • MD5

    0a12ea64d20c1597c731234b372e3a45

  • SHA1

    a0ebe9d4c0ad64b89916b7db4e1122d582912c14

  • SHA256

    7a41e630b680671f951f8bef9a798ed088e32379cec5c938051e448d5faf810c

  • SHA512

    f5177bb7c66334a1abbe7cd399207dffeffa29baa0ef330224844f371d9b7bc9ee8e3a3ca3e5e3b7bb5165d2fa591d9f23297c4cc4923e5beafbdeeab6d3b300

  • SSDEEP

    6144:ELh9nrxRw13UyU2G8g1QYYZTDt3n2x+Bdv5zsjiBsTYrPlUEYD/QzkRWAFctOp6y:mInTDtXF15zsjiyZ/0tSkStJB/ts

Malware Config

Extracted

Family

qakbot

Version

404.1320

Botnet

BB30

Campaign

1685526716

C2

