General

  • Target

    5829dd1dfdd90417d7b024ddbb57cfe4_JaffaCakes118

  • Size

    398KB

  • Sample

    240718-twvmwszdkh

  • MD5

    5829dd1dfdd90417d7b024ddbb57cfe4

  • SHA1

    54ec184f9fc5f72c4204c19b77908d5d6c3fa65f

  • SHA256

    3e9ed6480b64da24716b39f73063051d360772a1063d4aa87abedb7e3c0f7307

  • SHA512

    82a85dd65f0a1314549e9df49765d44902848cfb3339f456738fc3dc802f592a4a3eaecd2ce0898d3ee29ff44280b0365fa56041894891b6b783176a67b47962

  • SSDEEP

    6144:59ykYklEwrPmRPWEpWFn2E6lyDntvhhOU35RJEesN23wU7HuAmHK+9:f2wr03pdf8vhhOKJET8Byq+9

Malware Config

Extracted

Family

qakbot

Version

401.138

Botnet

biden01

Campaign

1613656969

C2

172.87.157.235:3389

173.184.119.153:995

81.150.181.168:2222

71.187.170.235:443

197.45.110.165:995

86.160.137.132:443

86.236.77.68:2222

106.51.85.162:443

108.31.15.10:995

38.92.225.121:443

72.252.201.69:443

71.117.132.169:443

98.173.34.212:995

83.110.12.140:2222

95.77.223.148:443

41.39.134.183:443

85.52.72.32:2222

195.12.154.8:443

108.160.123.244:443

96.57.188.174:2222

Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      5829dd1dfdd90417d7b024ddbb57cfe4_JaffaCakes118

    • Size

      398KB

    • MD5

      5829dd1dfdd90417d7b024ddbb57cfe4

    • SHA1

      54ec184f9fc5f72c4204c19b77908d5d6c3fa65f

    • SHA256

      3e9ed6480b64da24716b39f73063051d360772a1063d4aa87abedb7e3c0f7307

    • SHA512

      82a85dd65f0a1314549e9df49765d44902848cfb3339f456738fc3dc802f592a4a3eaecd2ce0898d3ee29ff44280b0365fa56041894891b6b783176a67b47962

    • SSDEEP

      6144:59ykYklEwrPmRPWEpWFn2E6lyDntvhhOU35RJEesN23wU7HuAmHK+9:f2wr03pdf8vhhOKJET8Byq+9

MITRE ATT&CK Enterprise v15

Tasks