General

  • Target

    c42e511e79fa6c3b2931080364522dfc_JaffaCakes118

  • Size

    1.8MB

  • Sample

    240827-cd6trsyfnq

  • MD5

    c42e511e79fa6c3b2931080364522dfc

  • SHA1

    413fa44b48570a07420aa1511276bb4c72374cd7

  • SHA256

    b293691f6cf941d9841b65a58f8b75b97e37da6752531bdcfba449ec7fe3128b

  • SHA512

    d114ffc76a5c9de6bb02228fe84f76e78ebcfcbf28be9f3dd02cfb2f00dfbc38579cee379cfb7adb580b6a5eb54c7d6e37b4fa346fcfea3ab9dd9abecf2b0295

  • SSDEEP

    49152:lP3fgyBTbzDjvjwSBLoZFVf4d6enfWoKFxCZqOoFBvQC6bztk2KSZxE2i:s

Malware Config

Extracted

Family

qakbot

Version

323.79

Botnet

spx01

Campaign

1567608215

C2


