Overview

overview

10

Static

static

10

b70799c95d...18.exe

windows7-x64

3

b70799c95d...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b70799c95dd29b4f2d5be5bc7feecf34_JaffaCakes118

  • Size

    261KB

  • Sample

    240617-gd9mwaxajd

  • MD5

    b70799c95dd29b4f2d5be5bc7feecf34

  • SHA1

    a5e33928c0c0d69bf70463ba5ec0935f53a941d8

  • SHA256

    6f1ad1628709f22d04611614ed48f80ff051bb1253ca26a3f99d8dabcc828661

  • SHA512

    d17d48045e8298a53e7f5406ebeb91e1425b43b32e9d9445c61d2373f673ee18846287a3d7f6a279d8468e680cf4247f1bb2fee40a2a834d6f0b997d2a77325c

  • SSDEEP

    6144:QinCSbUlS2EqPgZXD3romJDq0orQWau0Vj6he+a9:QinCEpwYD7e0osRHEU/

Score
10/10
qakbotspx911586271390

Malware Config

Extracted

Family

qakbot

Version

324.75

Botnet

spx91

Campaign

1586271390

C2

74.109.200.208:443

108.227.161.27:995

98.13.0.128:443

79.113.219.121:443

84.247.55.190:443

80.14.209.42:2222

104.36.135.227:443

104.174.71.153:2222

96.232.203.15:443

173.79.220.156:443

174.54.24.110:995

50.244.112.10:443

76.23.204.29:443

69.206.6.71:2222

81.106.46.63:443

50.91.171.137:443

75.137.60.81:443

98.116.119.123:443

189.140.74.166:443

24.183.39.93:443

Targets

    • Target

      b70799c95dd29b4f2d5be5bc7feecf34_JaffaCakes118

    • Size

      261KB

    • MD5

      b70799c95dd29b4f2d5be5bc7feecf34

    • SHA1

      a5e33928c0c0d69bf70463ba5ec0935f53a941d8

    • SHA256

      6f1ad1628709f22d04611614ed48f80ff051bb1253ca26a3f99d8dabcc828661

    • SHA512

      d17d48045e8298a53e7f5406ebeb91e1425b43b32e9d9445c61d2373f673ee18846287a3d7f6a279d8468e680cf4247f1bb2fee40a2a834d6f0b997d2a77325c

    • SSDEEP

      6144:QinCSbUlS2EqPgZXD3romJDq0orQWau0Vj6he+a9:QinCEpwYD7e0osRHEU/

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks