General

  • Target

    loader1.7z

  • Size

    343KB

  • Sample

    230614-sz3x1aah7s

  • MD5

    6bd4915375112ac1b7b4862e50fad06c

  • SHA1

    8609e48471931f984362306f31b8f677d8349e06

  • SHA256

    ebc98e571409c7f98f115454a0a4fffb7165ce5c69e7eabf13c98d1417fd6b7d

  • SHA512

    4a61479119d55f6b219ab273b18093e2025ac9bc0f7099ab303045d8e7c66b402ff206c04ebd75cb1c30384adcaefe070bb87966313324f56e7ac893cbbd0abd

  • SSDEEP

    6144:sEVrMpRi+UEdCi+nceYFurVTqpMX6GMSMma1ylbWd8QtU9vh5JgJhw:3i+JcqceYITqpga1AWd8mUth5Jx

Malware Config

Extracted

Family

qakbot

Version

404.1374

Botnet

BB32

Campaign

1686735623

C2

Targets

    • Target

      loader/1.dll

    • Size

      831KB

    • MD5

      22e7ec7efb9676038a1f232618d42198

    • SHA1

      e5c445e91cbc892afcc25cb093e1a7c50384aba6

    • SHA256

      bb596f0d9c8083aa8b412d8166fb6a7eaf20870cd374891d68488f77139f8999

    • SHA512

      44894aead6569853429a0fd45ab02124ed8fa2c4f60a755324f2c31d034ff1cb9aaf646a0ed9c2090edc27c2f308e00e7dec7d36067d15f1b3a1df836b6bdfa8

    • SSDEEP

      24576:3C4lIeA97+mgxDkID8c4aykLy6GNZDjf:37iovQatLy

    Score
    3/10
    • Target

      loader/loader.bat

    • Size

      39B

    • MD5

      e342b26ad9df4ac992c513b53259869e

    • SHA1

      4165ec0d22b066154b65f55e962ef33789305380

    • SHA256

      ae69b1f268f89402745e139cede9efcd638441fe9963d1c674c89006c4bc74e2

    • SHA512

      4de991af13def138f11f9d9a037cd7b0babf52fcfda7378ef18a1be77362ef6761ec87eb2a2edd148ccaf46e075b407fcb7440c9847ea04a66e857608cca169e
