General

  • Target

    Corrective.reteporidae

  • Size

    540KB

  • Sample

    230613-xe2xesae54

  • MD5

    290a9203063f9a366a958eaa4c7ddf03

  • SHA1

    fc0b5894cdbd14d1e1d54f736e1847f5b6fa8e67

  • SHA256

    091f61249b879fb6a2dc1966b6944429236ae47171f44f5ddc4c468891620b03

  • SHA512

    0d2b0cd7a41b61480e04e3c8c1d4fea283536f8b13a26de32d7e9f7f8a096e1780938636581dac706950140195cfe9b40d58485a3a88d668b248d6412dc52b85

  • SSDEEP

    12288:xspsY6tHFBPl7rNu5bZHZ95gjyIaa0Pxg:xspsY6tHFBd7rIl175gjyIl0O

Malware Config

Extracted

Family

qakbot

Version

404.1374

Botnet

BB32

Campaign

1686673959

C2


MITRE ATT&CK Matrix

Tasks