Overview

overview

10

Static

static

10

7ee6095ba8...71.dll

windows7-x64

1

7ee6095ba8...71.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7ee6095ba8c4ed9fe11fbf5e703823e1aeae7f5443027738f55979b27ca57171.zip

  • Size

    78KB

  • Sample

    240402-l5en2aee62

  • MD5

    131c76c2bd99fbcf32b84f3af921bd8a

  • SHA1

    a0bc9f53206feacaccfec35a3d3d34c8397a8bff

  • SHA256

    08737d5e321c1856d6c4a2d0b52ecac883071aaca3f8f9d6852a8dc35d4e3292

  • SHA512

    bbdce4a66e1ebd9bb276e7203137eaa4fbcb5816f288feae1b6d2cf03976b415b220d73d449a8b02bb3de5fbb9443672bed53c7cd75c81d5d2093de02010636b

  • SSDEEP

    1536:oc+vVaYM2WImKaGwCSkJu4dmbJR9QUB6UcB4rkIPdLHF9RTOLTbCbn:GA12WxKaqS64JRWUtkkLHF9RsCb

Score
10/10
qakbotobama1501640256791

Malware Config

Extracted

Family

qakbot

Version

403.10

Botnet

obama150

Campaign

1640256791

C2

96.21.251.127:2222

70.51.134.181:2222

69.14.172.24:443

186.64.87.213:443

94.62.161.77:995

103.139.242.30:990

114.79.148.170:443

217.164.247.241:2222

178.153.86.181:443

136.232.34.70:443

37.210.226.125:61202

173.21.10.71:2222

31.219.154.176:32101

140.82.49.12:443

32.221.229.7:443

24.152.219.253:995

106.51.48.170:50001

114.38.161.124:995

96.37.113.36:993

190.39.205.165:443

Targets

    • Target

      7ee6095ba8c4ed9fe11fbf5e703823e1aeae7f5443027738f55979b27ca57171.dll

    • Size

      132KB

    • MD5

      81e56fd3b67ce33ef7150003985be7f4

    • SHA1

      6c739fcc6dea8cc65617ff184f1febcd5404143a

    • SHA256

      7ee6095ba8c4ed9fe11fbf5e703823e1aeae7f5443027738f55979b27ca57171

    • SHA512

      4b82547e9666897566318fe5fb1b0535412bbc44838288900bc534bb39a8dc8725f522ad43eec81080cf88fd5033e2112db86dc228c2e44cb9f0010e35f410c9

    • SSDEEP

      3072:4ELogSZScYg+E/wmqpFQQT7J/AzMVWWRTBfItV74VZ:LofScb/wmqp+QPJ4zMVWWRTBgkj

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks