General
Target: overTheline.dat
Size: 523KB
Sample: 230614-mhvx6sga46
MD5: 5ac0d6b9c7c6c0b79b3245b06e2ca807
SHA1: 65bc96b4ca1b0db86ac65f3e615e36d77ade6ab8
SHA256: 75c93eca6354ff0ab856a64fa07ddf25f6b4973ee609fc8e3efaf5049a04bf64
SHA512: e9fc77f1c90cf42c00c31438b3d94322b0810fb08c1e9b83783a0979380b2f8e9ecbd3b2abf13147e949a3366edff3f5c92f8361e6f556c73362b13f737ac390
SSDEEP: 12288:xspsY6tHFBPl7rNu5bZHZ95gjyIaa0Pxg:xspsY6tHFBd7rIl175gjyIl0O
Static task: static1
Behavioral task: behavioral1
Sample: overTheline.dll
Resource: win7-20230220-en
Malware Config
Extracted
qakbot
404.1374
BB32
1686673959