General
-
Target
doc_F427_May_31.7z
-
Size
219KB
-
Sample
230531-vq45tagc56
-
MD5
4f070a66994dc1899b9f88440824a3d4
-
SHA1
8a99b412f8c809adc6a9b971abda1c34c50977af
-
SHA256
8c4d508ea26e07fd299d88d61b6bf1fc44372e005331a75f7e9b0f6c703e7e74
-
SHA512
384ca0fe1e3301f6c04a343de66a52db5511f6654380681c154c25c40e1ffd66f41eb880a47828dfe883be3f8e26fb216b15c621912956f2d14a1e407fbfd808
-
SSDEEP
6144:oY6iv2xQZwxH8ic5QIYLRSBaHBNlAvtU0JAe:p+xQZcH8icjYAiBIUe
Static task
static1
Behavioral task
behavioral1
Sample
loader.bat
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
loader.bat
Resource
win10v2004-20230220-en
Behavioral task
behavioral3
Sample
sus.dll
Resource
win7-20230220-en
Behavioral task
behavioral4
Sample
sus.dll
Resource
win10v2004-20230220-en
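Malware Config
Extracted
Family: qakbot
Version: 404.1320
Botnet: BB30
Campaign: 1685526716 (Unix epoch seconds, i.e. 2023-05-31 09:51:56 UTC)
C2 (IP:port, extracted from the sample's config; these indicators date from the campaign time above):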
198.2.51.242:993
88.126.94.4:50000
123.3.240.16:6881
183.87.163.165:443
27.99.32.26:2222
180.151.229.230:2078
27.109.19.90:2078
122.184.143.86:443
105.101.207.3:443
84.215.202.8:443
85.231.105.49:2222
12.172.173.82:995
184.181.75.148:443
72.134.124.16:443
149.74.159.67:2222
174.4.89.3:443
200.84.200.20:2222
223.166.13.95:995
69.133.162.35:443
80.12.88.148:2222
12.172.173.82:20
90.29.86.138:2222
124.149.143.189:2222
70.160.67.203:443
186.64.67.30:443
165.120.169.171:2222
116.74.164.144:443
92.186.69.229:2222
95.45.50.93:2222
84.35.26.14:995
89.129.109.27:2222
174.58.146.57:443
201.143.215.69:443
12.172.173.82:2087
213.55.33.103:443
50.68.204.71:443
92.239.81.124:443
64.121.161.102:443
2.82.8.80:443
47.34.30.133:443
147.147.30.126:2222
94.30.98.134:32100
188.28.19.84:443
116.120.145.170:995
79.77.142.22:2222
102.159.223.197:443
147.219.4.194:443
161.142.103.187:995
103.42.86.42:995
65.95.141.84:2222
205.237.67.69:995
103.123.223.133:443
82.127.153.75:2222
103.139.242.6:443
117.195.29.126:995
109.50.149.241:2222
161.129.37.43:443
71.38.155.217:443
58.186.75.42:443
124.122.47.148:443
220.240.164.182:443
59.28.84.65:443
79.92.15.6:443
24.234.220.88:990
96.56.197.26:2083
78.160.146.127:443
69.123.4.221:2222
76.185.109.16:443
24.234.220.88:465
76.178.148.107:2222
122.186.210.254:443
70.28.50.223:2087
178.175.187.254:443
83.110.223.61:443
125.99.76.102:443
37.14.229.220:2222
173.88.135.179:443
62.35.230.21:995
199.27.66.213:443
96.87.28.170:2222
103.87.128.228:443
176.142.207.63:443
12.172.173.82:32101
76.16.49.134:443
12.172.173.82:465
184.182.66.109:443
70.28.50.223:32100
78.92.133.215:443
50.68.204.71:993
114.143.176.236:443
70.28.50.223:3389
50.68.186.195:443
47.205.25.170:443
12.172.173.82:993
76.170.252.153:995
69.242.31.249:443
85.104.105.67:443
79.168.224.165:2222
75.143.236.149:443
14.192.241.76:995
81.229.117.95:2222
105.184.99.124:995
98.145.23.67:443
12.172.173.82:21
75.109.111.89:443
76.86.31.59:443
201.244.108.183:995
68.203.69.96:443
103.144.201.56:2078
151.62.238.176:443
86.248.228.57:2078
85.57.212.13:3389
91.165.188.74:50000
45.51.102.225:443
74.136.224.98:443
47.199.241.39:443
94.204.232.135:443
70.49.205.198:2222
24.234.220.88:995
70.28.50.223:2083
Targets
-
-
Target
loader.bat
-
Size
38B
-
MD5
73abd259ba338a3c16f0852dd226c436
-
SHA1
40a462bc05600cd14a8055ebc785bd659175ff56
-
SHA256
74f65cbb217eb94f274311b8912670ac824c949133c2ebdc8937070d4065366c
-
SHA512
f72a24ff2afc1f52590991cc00c6b6758ed9d1bc92d2fd511a5f1f1cebc0145a414e978415e96e3b4bb14b7123d9341123d2288ae3a086533e8b5cb217cb86b2
-
-
-
Target
sus.dll
-
Size
398KB
-
MD5
bd125f3916ce3a8b1272c822b2ebdf15
-
SHA1
f12af127ad165f5530abdf7a805d96e636308358
-
SHA256
57ea4337104b5701cbce7a0de4701b20f6c36073cba09c3a375492da4fe20861
-
SHA512
2d18348cf3e7347b6ec15dd55b4317002aa2e8d7dd1816f3f38a694f51649cbb700eaf3d84c4e19d07f8173f37429d0983fee5537c0ae414f0c57036770d83ef
-
SSDEEP
6144:PLh9nrxRw13UyU2G8g1QYYZTDt3n2x+Bdv5zs7iBsTYrPlUEYD/QzkRWAFctOp6D:TInTDtXF15zs7iyZ/0tUS1CU3BJbwP
Score: 3/10