General
-
Target
0c1e121f1ea651cb7821c8513bda49e0_JaffaCakes118
-
Size
2.2MB
-
Sample
240501-sjyy4sbg79
-
MD5
0c1e121f1ea651cb7821c8513bda49e0
-
SHA1
23c934cb077fdeb2c8e28e4b7538e757f2bada4e
-
SHA256
e4c669aaa5e441eb95dc6baed3e93cc4bd018dd1a03013719283f12cf4322ed8
-
SHA512
1f15292173208507b9032ed3106d6dc4b2def17e94a321f9792a80aeaeda6524e19c47fc577d9fa5e6f4e97f79d5aa2548ab6d3a20d8845e3f2aa87fde7fd4fd
-
SSDEEP
49152:/vg4jQjV4dwSdWaLE5cUlSBuccoi+g9ESezNfSZX2VJc4+lEOpVzm:/vdQjVBSxLQcUlSBucziUzCQW/lEOK
Static task
static1
Behavioral task
behavioral1
Sample
CO4472899025222158173.vbs
Resource
win7-20240220-en
Malware Config
Extracted
qakbot
323.91
spx09
1568796588
Targets
-
-
Target
CO4472899025222158173.vbs
-
Size
4.3MB
-
MD5
613bd73ab6c277315f2023c249363bd7
-
SHA1
59719f854727ad73bc32e4e1b0ddc89b39161d98
-
SHA256
ddcb65af6a76fa4e328a6421ba1dface01627ec1e4b56795d81c58610c5f0868
-
SHA512
32fc2f50ef2b55042526563805dc8d98b5b43391762dccc66973ebffe3bd385f2447b6ab9c1a746433d4394ded4173e94c472ecf16fc96545efce3f79a3126eb
-
SSDEEP
49152:U9Sew9BkAzFpzVTQ3Bcts+6DReqKwHLDhRvOVUDnRZXL0Tu8mGURWsT2GbbWre3W:b
-
Executes dropped EXE
-
Loads dropped DLL
-