General

  • Target

    qak.js

  • Size

    54KB

  • Sample

    231013-z9mr4ada49

  • MD5

    26589ad776720ca1065f0d5772ea902c

  • SHA1

    320ca918b7b958a434773ac1cc7207f1e3989ce6

  • SHA256

    c3a87202894fb8bc62b755731d9cee475dc275ff9e9dee86677480ddf9016d9c

  • SHA512

    084fcbf9b8336d43c164c801022ae185bff9548c14fb09792fdc7d5d3a1789ddfca1992aed8ae9fd21ce37b91474397fae394ecbdb4e1f14ceceed838914160c

  • SSDEEP

    768:tnX2TKIQIBnHJZ1wLzyRSFgNxFHx2lS2QOxIrb3lQbQjEJkczD+fO3UV7uxZDdQp:tnX2uI7n1/RzNdf5AJvD5bPW0Adxaq

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs

Targets

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks