General
Target: distantly.dat
Size: 682KB
Sample: 230602-m7475sba85
MD5: 5f1e08625d65bb93e8bf4611d2ee9070
SHA1: 56fc9eb319ac902ac7e26357bd4cc598a3644d38
SHA256: 7bfa0fc80cf1b4dc110356aad858ed3638985dce794286dfe9a25ff3869fed02
SHA512: 94de1f8c3da8439f6bee529cf6e4d10979ca757af0b30f27b7d9f2d0dbbd18051c9b49e3c7470c2c271bbf1221986497e266168ff9a2d47d5b47924eac7fd011
SSDEEP: 12288:dDxy+2MIBYYimb3oG11xfTUOz3dluiIIN:Vg+2MIBYkb4G11hTsi
Static task: static1
Behavioral task: behavioral1
Sample: distantly.dll
Resource: win7-20230220-en
Malware Config
Extracted
qakbot
404.1346
BB30
1685686808