Resubmissions

31-08-2023 10:52

230831-myhb1seb9v 3

26-06-2023 07:28

230626-jazplshh21 10

25-06-2023 01:46

230625-b7b1tach56 3

General

  • Target

    9f911dbf63e7dcaa7d4dcdc5c14d9390.bin

  • Size

    624KB

  • Sample

    230626-jazplshh21

  • MD5

    1f210eac396069e042cd6ef79a6448fd

  • SHA1

    8b1d681ef881dc464246cb39cde1d41eb4230413

  • SHA256

    c46cf0eabf237c57430ccf73bf5b98536d84a0e68d5ac8b2dfb7fa96890c74ca

  • SHA512

    813ae88a45cc5b8e2c96b75064f36229e3e51348d274900e46b52118caf38be08a034e6394422a6fc3985b674aa9516f6080645b70b3b44db3d1227ac1d006ec

  • SSDEEP

    12288:ZUBnSM7WdtN/hCyYkWbc+t+ZZZx4uqZCZvxUTqrpXyScvvCXf1ch4FRn:ZWnMN/hpYt9m4xAx7HcSdeu

Malware Config

Extracted

Family

qakbot

Version

404.1405

Botnet

obama271

Campaign

1687438904

C2

Targets

    • Target

      457c622ba31de68f44d01c63de335b32cc7ef2cbbf6c48a2acdd868a28ddba97.dll

    • Size

      1.3MB

    • MD5

      9f911dbf63e7dcaa7d4dcdc5c14d9390

    • SHA1

      6e3f22a89e96a1a2898f3faff53d4b8aca0e1ee9

    • SHA256

      457c622ba31de68f44d01c63de335b32cc7ef2cbbf6c48a2acdd868a28ddba97

    • SHA512

      8c79337d67eab5bf356c7a51e6bde2dcc1c1a256e0640c52d56ad7544ebac89e1128de492ff9588c6dda54b04ce0792dfc2019ce0bc0a07924a40ece176a4cdf

    • SSDEEP

      24576:QbynSJg2XBk53xIRcJaELHmfXOSNPSp0ExTqt2AO9GeM4ygQ:QbkS7XB1EsOSNPSp0EAt2bUeM4ygQ
