General

  • Target

    80a11b90913cdc98cf3ebff94e2878cc41ff73cf0f10990390df5c1aa35b9454.dll

  • Size

    390KB

  • Sample

    230531-y7n2psbd2z

  • MD5

    1c7e16c0f327140eb5966eb9c08147ee

  • SHA1

    66a3dfadae3914bad946933b9ee4a115f4d306db

  • SHA256

    80a11b90913cdc98cf3ebff94e2878cc41ff73cf0f10990390df5c1aa35b9454

  • SHA512

    0a32356f55174d57ce2db7f6f554a4ef25b04842eef4d90a0f4cedfe7728ab66aeb4958d13aa2bac957126ede11eed2702e238ff0adef205ac8734ff2ef619f6

  • SSDEEP

    6144:PLh9nrxRw13UyU2G8g1QYYZTDt3n2x+Bdv5zs7iBsTYrPlUEYD/QzkRWAFctOp6B:TInTDtXF15zs7iyZ/0tUS1CU3BJbwP

Malware Config

Extracted

Family

qakbot

Version

404.1320

Botnet

BB30

Campaign

1685526716

C2


