General

  • Target

    loader3.7z

  • Size

    343KB

  • Sample

    230614-s1amvaah7y

  • MD5

    6f652b9489bf0bf5185db5c67fee1677

  • SHA1

    9514f5f457ae319e7fea49ced19e1168ef589b97

  • SHA256

    d12c8c6869822b02333d2fb6d064774a3ff9eb9844465da5e56fe337ff0cbaeb

  • SHA512

    fd05ab744cf8bdaaef21cf5947a49943209c4b5b1c65c30defade9e3cf0d2d16c66a1f54a9f94da2d9b4567279e6fe3667a59970606c4aa47fb0664e411c5adc

  • SSDEEP

    6144:+EVrMpRi+UEdCi+nceYFurVTqpMX6GMSMmahylbWd8QtU9FKm7q:pi+JcqceYITqpgahAWd8mUjx7q

Malware Config

Extracted

Family

qakbot

Version

404.1374

Botnet

BB32

Campaign

1686735623

C2

Targets

    • Target

      loader/3.dll

    • Size

      833KB

    • MD5

      d7c4fe09863d32f120b9c9f8482f91e2

    • SHA1

      99bd1ccb34ff47f5299f359349d5733bc0db5b64

    • SHA256

      0fb7b6a296ffa9e0f399d14ba0913d419781a28c2b1c93f4b77c2b1f66d6e71b

    • SHA512

      8ff8a04b9fb251d62d2dfb47ac53c13ed58913a7c61653ce1097ee3c6733bb40d4d8010028193dba346bf2e3d340ac61a22b9f73de3cfb19fed127255226057f

    • SSDEEP

      24576:3C4lIeA97+mgxDkID8c4aykLy6GNZDjf:37iovQatLy

    Score
    3/10
    • Target

      loader/loader.bat

    • Size

      39B

    • MD5

      6bf98143e1fe98d1cf77c8730396bb22

    • SHA1

      38a219ce77e6dde8e91bef23fd518836a6e384c6

    • SHA256

      e789899d717cec72308924d3cba1daca17c6d2a93214d4d7b47f75a77ba29cd1

    • SHA512

      0c10604f30ff0eacb265c871a432e7a6b1474af65b46f6ddb075c4aa5ed4332e024de52df433eaa5908c5caffb32299844ebbeed88550b0306371043f8057308

MITRE ATT&CK Matrix

Tasks