General

  • Target

    7a4bab894f2766610cb4a2de7415d800N

  • Size

    770KB

  • Sample

    240911-lww7qavdlc

  • MD5

    7a4bab894f2766610cb4a2de7415d800

  • SHA1

    542f7994cd93385ea868ae889d4d12b187454bac

  • SHA256

    a06450433f7f37c1f49501ab7b3751cb889497124f2cf58e9be0da30169eeccb

  • SHA512

    ab9134e522c30dd38ef98bb152962bd7628c2ea332dc75d6207fec3962d30fbd3f54c920b9d17f692153a8760d17e4ae5261c298d352383fd3e462325e5b4c9f

  • SSDEEP

    12288:tlTxdlYUTXacR/927cw6nlsL8IQayFiByGgBfMdK6Uwh1/6aMCxtd:7Fgkau97wUsTsFi8GEfUK4Lx

Malware Config

Extracted

Family

qakbot

Version

401.138

Botnet

obama10

Campaign

1615286191

C2

Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

