Overview

overview

10

Static

static

10

e70271f34d...18.dll

windows7-x64

10

e70271f34d...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e70271f34d060cd4a2e7adb2fbb7c103_JaffaCakes118

  • Size

    196KB

  • Sample

    240408-j2ethscf37

  • MD5

    e70271f34d060cd4a2e7adb2fbb7c103

  • SHA1

    a4afd5f8039cf9d018a8effe3f4900f3ba4ab1a2

  • SHA256

    268313dea6a974871d0ea2ff8c2a404ee4479b3c0e043c858baaf98d208a2bb3

  • SHA512

    8840d2b180c7356bcb25db9bdb089e1b496aa93617c582bb171dcec53221b1f4483743d373887368365b6834ce266ed51065759e3e3f9f33dd6fd632998e8789

  • SSDEEP

    6144:YyvLH5hV0pO9Rr9c3ZPQFP3bO3OTBCxh+W:BbVQO9Tc2FTO3OTcH+W

Score
10/10
qakbotabc1121608025881bankerstealertrojan

Malware Config

Extracted

Family

qakbot

Version

401.138

Botnet

abc112

Campaign

1608025881

C2

149.28.98.196:995

149.28.99.97:995

45.63.107.192:2222

144.202.38.185:995

144.202.38.185:443

45.63.107.192:995

5.13.84.186:995

68.83.89.188:443

67.141.11.98:443

219.76.148.249:443

86.245.82.249:2078

116.240.78.45:995

37.182.244.124:2222

72.186.1.237:443

78.97.207.104:443

80.14.22.234:2222

202.141.225.158:443

72.28.255.159:995

37.6.208.105:2222

161.142.217.62:443
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      e70271f34d060cd4a2e7adb2fbb7c103_JaffaCakes118

    • Size

      196KB

    • MD5

      e70271f34d060cd4a2e7adb2fbb7c103

    • SHA1

      a4afd5f8039cf9d018a8effe3f4900f3ba4ab1a2

    • SHA256

      268313dea6a974871d0ea2ff8c2a404ee4479b3c0e043c858baaf98d208a2bb3

    • SHA512

      8840d2b180c7356bcb25db9bdb089e1b496aa93617c582bb171dcec53221b1f4483743d373887368365b6834ce266ed51065759e3e3f9f33dd6fd632998e8789

    • SSDEEP

      6144:YyvLH5hV0pO9Rr9c3ZPQFP3bO3OTBCxh+W:BbVQO9Tc2FTO3OTcH+W

    Score
    10/10
    qakbotabc1121608025881bankerstealertrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks