General

  • Target

    3d696100adab4005b28c06b231ab5096c999420794d39bb83f824a144ee11a81

  • Size

    458KB

  • Sample

    230607-ybl78sff2w

  • MD5

    0c1fc94f8650dd40505cc6b1a820a074

  • SHA1

    5c6a4f0967826c9ac7ba0b12995a4f65d5221af6

  • SHA256

    3d696100adab4005b28c06b231ab5096c999420794d39bb83f824a144ee11a81

  • SHA512

    bc1ceb92aefa17279c08376fd9933ee462a80649cefab84c4e6293f6d36488cbd7f004ac72be642d909d50c644d8cb4d38cac151566531a936ec3a4cac8247d5

  • SSDEEP

    12288:1BBzPfDyNMCLzaf1jhk6rOB4VzW9PXNYL5FHnKaWl5N26fw:lfeNMCn0j5rjI1NO51SI6Y

Malware Config

Extracted

Family

qakbot

Version

404.1358

Botnet

obama267

Campaign

1686127648

C2


