General

  • Target

    samples.zip

  • Size

    83KB

  • Sample

    230614-n8gnxagf8y

  • MD5

    8c42fa803a480bf2ee627ec8d1ddb9a1

  • SHA1

    5be3fd49d9eb8b867c953ba81e250564ab4a849c

  • SHA256

    b8474064f2732525940dd425baa784291306f9180234447109f52275d0384272

  • SHA512

    c46baeb5f3a6dc68ca3d162fe94bffccff2952fcee9cef18fbfcad09ab99020fb8204c51f2f5411e97f120d3e5df5761cf6e747c8ae31e74dfae85a2ebba9656

  • SSDEEP

    1536:NSljFS+fknKa2igxnjzHsoDQDwtbTmKPH9b19/3VEWxCiFIjMUxtTpnEn5wrfHx:AljpfkKaK3HbMDmbycOWx4MgtThEnQ5

Malware Config

Extracted

Family

qakbot

Version

404.1374

Botnet

BB32

Campaign

1686735623

C2

Targets

    • Target

      4193943e679dc586e662284d5d4f0ffda297e8459d6471c02122a94622c85b5a

    • Size

      130KB

    • MD5

      518ab922db6e3697256201d50a74bde1

    • SHA1

      4cc6446445431871525cbfca4e6790b3813290ad

    • SHA256

      4193943e679dc586e662284d5d4f0ffda297e8459d6471c02122a94622c85b5a

    • SHA512

      68368de830a41f388e84c01ab6b995f1bda87fb3129fd64eb6feee21649ed57cbd339a34bb3b2c8c0dab30ce22fec015ec49f01de65989e561dfb0b923ebfd12

    • SSDEEP

      3072:1BQGpV0kS95ObbMv8mCOihAAfBqJZmtfWgcTBfw8mERkFu:NS9kPyCVh1fBqJEtfWgcTBI8lRkFu

MITRE ATT&CK Matrix

Tasks