General

  • Target

    ICareBecauseYoudo.dat

  • Size

    823KB

  • Sample

    230614-13yfpadh76

  • MD5

    13214273f4ee6255bb03c7030a3a855d

  • SHA1

    401adb3b0a574c96dacb53b4faf7e732355a1d9e

  • SHA256

    10837b4758b8ad394b8804dc14bde2bffcebce0716636869d17eb51a4aa1e1ab

  • SHA512

    f2d773184d5b5a8085a43986a3fe520e7e2729b75c5bc920847d60365b6a22cdc125852c3eab4c53824cda1f961aee1b9bd634337f5238370cc595366144a9a6

  • SSDEEP

    24576:3C4lIeA97+mgxDkID8c4aykLy6GNZDjf:37iovQatLy

Malware Config

Extracted

Family

qakbot

Version

404.1374

Botnet

BB32

Campaign

1686735623

C2


Targets


MITRE ATT&CK Matrix

Tasks