General

  • Target

    loader.7z

  • Size

    343KB

  • Sample

    230614-sw8dbaaf97

  • MD5

    a6e3f4da1e9a96d0dae8fbdf7cb2fd2d

  • SHA1

    0fe6b24e34ad124219312dcf8718dda972a8f00e

  • SHA256

    3de508f45986acf9fd4a8ecdcd44edb95baf1246d2d1a4226baee066ba8c2869

  • SHA512

    2cb4eb4ae202416cfc718e42c02782b327e6c7e752116efc76f8dba29517b37a61543f960c065d3b99682bf52fc86a7f233c0fe92b13dd76ff96ca87be7983d2

  • SSDEEP

    6144:7EVrMpRi+UEdCi+nceYFurVTqpMX6GMSMmahylbWd8QtU9kps:wi+JcqceYITqpgahAWd8mUmO

Malware Config

Extracted

Family

qakbot

Version

404.1374

Botnet

BB32

Campaign

1686735623

C2

Targets

    • Target

      loader/2.dll

    • Size

      824KB

    • MD5

      8d3b4b382871878c29a289ad9c39e103

    • SHA1

      def517b6271352400277a60cf640ff465431a40f

    • SHA256

      33957d929487d6de68af0858650aedd2b021758c40815f84816ba4b6365ec143

    • SHA512

      3ffff90ad685d650a9a9b9d6a257b08a2f9b9e7c8cff4688ae0121b7155331987cb515b24096748320d60e2d1ddcab2a53b03ce5371291981010fbd9edf1fe39

    • SSDEEP

      24576:3C4lIeA97+mgxDkID8c4aykLy6GNZDjf:37iovQatLy

    • Score

      3/10

    • Target

      loader/loader.bat

    • Size

      39B

    • MD5

      9edca2703468373512c0bbe649409319

    • SHA1

      f4ea07eadb35e32d9c0b88e4641cef4b1c61caa0

    • SHA256

      fa37a54bd96fe0ddc92ebe1f5a91755c98e11437d64d1115bb5210291d89f80f

    • SHA512

      c741ede89cce4ed0cf5d51ec713fde4021da109c34e3571c973a4a9e6eb3c8f43dc8a542cb16205bde0f55ab4f79ef0d9b74b324ea3a19e696d7f1a26f11b2d3
