General

  • Target

    0.3275080431729882.dat

  • Size

    246KB

  • Sample

    230614-t3ej9abd69

  • MD5

    14c84f5847acee09fd079c0ee302864b

  • SHA1

    e9340c9e0af2533cc2355d71232a3196b0338eba

  • SHA256

    ed5dcad3d414a0179732324c6e5581d37e0b6d275dfac1feb6ed66cde47dd1d3

  • SHA512

    1cae923ac55cb44ef389ca3a692d2ff3ba8f4d10fd59b3d1d9795bdc2c085ef107cd4bbeb8b500eebe5601528f94bcc484c6fe4a55a66a4e33a0d260ec87d21e

  • SSDEEP

    6144:cRixgWEZ5Txh9QQU7kVTAHluobjrA3XqpyNj7R5o9nPz7gS1Tzy:cRwBEZp11EFcUTzy

Malware Config

Extracted

Family

qakbot

Version

404.1374

Botnet

obama268

Campaign

1686733312

C2

