General

  • Target

    ioenou.exe.-239442116

  • Size

    130KB

  • Sample

    230929-htp4vagc8w

  • MD5

    479c596e0459402209859913aa4280ed

  • SHA1

    3786faae5946919d23631bb69c8b6a07d5775abf

  • SHA256

    28f49c8ec7e739247dc8fbaa421456efb5869b1d92181d2b99c93520064cbb5f

  • SHA512

    0475695a4f8933b6afdf73eb3546fba4edcc47ad01f9dc9af2910a07fb89101bd2288fa91702b95d8c4a06abbbc4fe38a3b12abbc6f622a00d4c2400c9dac9ff

  • SSDEEP

    3072:608q9D1i4yfNwvcKgi1AvuJ4I/YzTBfQzcoG5y:cfiEKxGvuJL/YzTBozcoG5y

Malware Config

Extracted

Family

qakbot

Version

404.1377

Botnet

snow09

Campaign

1686740620

C2

101.184.155.156:2222

89.79.229.50:443

173.17.45.60:443

124.246.122.199:2222

84.215.202.8:443

122.184.143.86:443

79.168.224.165:2222

151.62.174.154:443

124.122.47.148:443

31.190.240.11:443

92.239.81.124:443

31.53.29.210:2222

172.115.17.50:443

70.28.50.223:2083

64.121.161.102:443

187.199.244.117:32103

91.68.227.219:443

176.142.207.63:443

47.199.241.39:443

89.129.109.27:2222

Targets

    • Target

      ioenou.exe.-239442116

    • Size

      130KB

    • MD5

      479c596e0459402209859913aa4280ed

    • SHA1

      3786faae5946919d23631bb69c8b6a07d5775abf

    • SHA256

      28f49c8ec7e739247dc8fbaa421456efb5869b1d92181d2b99c93520064cbb5f

    • SHA512

      0475695a4f8933b6afdf73eb3546fba4edcc47ad01f9dc9af2910a07fb89101bd2288fa91702b95d8c4a06abbbc4fe38a3b12abbc6f622a00d4c2400c9dac9ff

    • SSDEEP

      3072:608q9D1i4yfNwvcKgi1AvuJ4I/YzTBfQzcoG5y:cfiEKxGvuJL/YzTBozcoG5y

MITRE ATT&CK Matrix

Tasks