General

  • Target

    f3b39f71eb28d72447f0fe5b6abba620N

  • Size

    534KB

  • Sample

    240826-yrf16asgme

  • MD5

    f3b39f71eb28d72447f0fe5b6abba620

  • SHA1

    6f87fb4a18bcfdd91c3a2b2f8a0c088d955af602

  • SHA256

    834a32737b36788d6f2bc3e00fe5a621849a8b24d70f441fd003504f112446dc

  • SHA512

    8bff50af175f5577527c9324fff55c37033240d1a87b1f17c166a013acabaaeb5783edfddef88f1d424989f334183f2811a8c91332903a6a99ababeea9bdf93b

  • SSDEEP

    6144:ne6FZ0+NCirQ6TBByIeJzt93S0EE8cuFA6Epnznitg8055EX+driwrWSzdr:bVONPfzit1055EX+dWMxzF

Malware Config

Extracted

Family

qakbot

Version

402.68

Botnet

biden44

Campaign

1621342408

C2


Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

