Resubmissions

14-06-2023 09:27

230614-leqzdafd84 10

14-06-2023 09:08

230614-k3wdbsfc46 3

13-06-2023 17:04

230613-vk87kshd62 3

General

  • Target

    borisOutOFControl.dat.dll

  • Size

    513KB

  • Sample

    230614-leqzdafd84

  • MD5

    3b04f228ba4ffab9c470a17ddb5eccef

  • SHA1

    09668a0fee892222ffa07bbbfc0dc2731d6509c5

  • SHA256

    53e705c56ff89ab514519a0a8be6727593e754004aff0fec0b58efb5a41c12ac

  • SHA512

    13a434aec41550f3d91ab0bc272486513c998a4b3dde73caefc5eea83819cce3e6cf47f7cf85c75dec3827ec543590bab0866516bf4ae8a26e1133af29c4e4c5

  • SSDEEP

    12288:xspsY6tHFBPl7rNu5bZHZ95gjyIaa0Pxg:xspsY6tHFBd7rIl175gjyIl0O

Malware Config

Extracted

Family

qakbot

Version

404.1374

Botnet

BB32

Campaign

1686673959

C2


