Resubmissions

23-05-2024 04:24

240523-e1jzmadg77 10

23-05-2024 04:18

240523-ew76nadf2w 10

General

  • Target

    vegetated.dat

  • Size

    354KB

  • Sample

    240523-ew76nadf2w

  • MD5

    95b1ae44716fb74b3ce589d7e1b53c3a

  • SHA1

    d322925f126c486cd2b5112057e4dd3e9692b7be

  • SHA256

    d4f7a0b2f29812223444cbce4684c12891962616708bbcc7a684a0efa510bdb4

  • SHA512

    dcd2aa426895a12e0e0a40a8e034c4b72161b8c929efae1d296ca29307e906c4a8df309b6ddbc234f3f63e0ac288641a3214895646d9d5c98ac9e69f1c5dd3d2

  • SSDEEP

    6144:ENsacLpop/C9lIbtBMHkqmO+pefWoAw6hjSy/AACs98K/f+ZuDXKK8bTcTCaULa4:gs/tMrbQHt+ps4w6RcA3/2oXmbTdaUe4

Malware Config

Extracted

Family

qakbot

Version

404.14

Botnet

obama220

Campaign

1667373670

C2


Attributes
  • salt

    SoNuce]ugdiB3c[doMuce2s81*uXmcvP

MITRE ATT&CK Matrix ATT&CK v13

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Tasks