Resubmissions

31-05-2023 16:30

230531-tz2klsga87 10

30-05-2023 23:59

230530-31prwace4v 3

General

  • Target

    A649.dll

  • Size

    960KB

  • Sample

    230531-tz2klsga87

  • MD5

    644bff6674870c37b8bfd2f6b97616f4

  • SHA1

    6fdb6e4d113c4cfb43888e439c9328b2a396f947

  • SHA256

    15337bc14077fec44f6f4fe7f27279afad78efef637f86a384d3992b176c4694

  • SHA512

    17479dddd29bd79f0cc8b1911e9cf2f16912640ace9df78c4574da54c9cd704244e4c74a0ce0640ec4d6e2865786bb5d885aeec5edd47977495d3fa96cc36a09

  • SSDEEP

    24576:D7AkdHt+UnNtqbVotX4Dw/9JGCZdBK/+NYouXFPn/yd4I:DZ8RDwlJGoY7XI

Malware Config

Extracted

Family

qakbot

Version

404.1320

Botnet

BB30

Campaign

1685433861

C2


MITRE ATT&CK Matrix

Tasks