General
-
Target
2.bin
-
Size
782KB
-
Sample
191111-mgrgp545yx
-
MD5
630a76fe553d7656ea617024ca3f5de4
-
SHA1
5d3f80b8905d2f93b7b9b9243e384fa243d2e918
-
SHA256
7d4d207fb5258f504d3f9ef60d431332d1e7320d5849c0b0acf624612b01c8f0
-
SHA512
079c3a1983b38dcc37df5aa6da8b439b9415a175e24c1e1fa0d1d40c19116654404e20e8fca109c9af2b4b3fd96336b4084352845c7567f639d7f8dd84a7a5c4
Task
task1
Sample
2.bin.exe
Resource
win7v191014
Malware Config
Extracted
qakbot
1573123220
206.51.202.106:50003
173.3.132.17:995
75.131.72.82:443
68.238.144.55:443
100.4.185.8:443
5.182.39.156:443
24.201.68.105:2078
23.240.185.215:443
69.92.54.95:995
68.131.9.203:443
187.163.139.200:993
75.81.25.223:995
32.208.1.239:443
170.10.78.48:443
74.194.4.181:443
81.147.42.195:2222
71.30.56.170:443
174.16.234.171:993
66.214.75.176:443
47.153.115.154:443
75.175.209.163:995
72.213.98.233:443
173.22.120.11:2222
68.238.56.27:443
184.180.157.203:2222
24.203.64.26:2222
47.153.115.154:995
64.19.74.29:995
104.32.185.213:2222
104.3.91.20:995
107.12.140.181:443
67.5.33.229:2078
67.10.18.112:993
80.14.209.42:2222
184.74.101.234:995
172.78.45.13:995
181.14.188.8:443
106.51.0.228:443
67.246.16.250:995
75.110.250.89:443
50.78.93.74:995
104.175.193.24:443
209.182.122.217:443
47.23.101.26:993
12.5.37.3:995
24.30.71.200:443
72.29.181.77:2078
90.43.6.185:2222
81.149.189.61:8443
5.89.115.73:2222
71.93.60.90:443
72.46.151.196:995
105.246.77.129:995
50.246.229.50:443
65.16.241.150:443
197.86.194.53:995
75.142.59.167:443
107.12.131.249:443
70.74.159.126:2222
75.130.117.134:443
47.202.98.230:443
47.214.144.253:443
196.194.28.127:2222
182.56.87.205:995
2.50.41.185:443
217.162.149.212:443
76.116.128.81:443
107.184.252.92:443
69.170.237.82:995
75.110.90.155:443
166.62.180.194:2078
62.103.70.217:995
108.45.183.59:443
67.87.38.242:2222
117.223.144.228:995
47.153.115.154:443
186.47.208.238:50000
108.5.34.128:443
67.77.162.13:443
65.30.12.240:443
76.80.66.226:443
111.125.70.30:2222
181.197.195.138:995
173.29.144.30:443
174.130.203.235:443
162.244.224.166:443
104.34.122.18:443
199.126.92.231:995
173.178.129.3:990
12.176.32.146:443
93.177.144.236:443
108.227.161.27:443
72.16.212.107:995
205.250.79.62:443
201.152.218.64:995
200.104.249.67:443
123.252.128.47:443
73.226.220.56:443
181.126.80.118:443
88.200.217.162:21
108.160.123.244:443
67.214.201.117:2222
173.247.186.90:443
50.247.230.33:443
75.165.181.122:443
68.174.15.223:443
96.59.11.86:443
71.77.231.251:443
24.184.6.58:2222
174.131.181.120:995
207.162.184.228:443
173.178.129.3:443
47.23.101.26:465
12.5.37.3:443
206.51.202.106:50002
75.131.72.82:995
172.251.77.230:443
174.48.72.160:443
2.177.101.143:443
70.120.151.69:443
47.146.169.85:443
24.93.168.38:443
75.70.218.193:443
162.244.225.30:443
168.245.228.71:443
72.29.181.77:2083
112.171.126.153:443
75.131.72.82:2087
96.35.170.82:2222
24.27.82.216:2222
2.50.170.151:443
73.202.121.222:0
98.155.154.220:443
98.148.177.77:443
24.180.7.155:443
47.155.19.205:443
67.160.63.127:443
201.188.17.26:443
75.165.132.69:443
24.182.53.191:443
137.25.72.175:443
116.58.100.130:443
73.37.61.237:443
76.169.19.193:443
203.83.20.209:995
76.174.122.204:443
83.79.2.218:2222
71.90.241.69:443
66.51.231.183:443
45.37.57.119:2222
Targets
-
-
Target
2.bin
-
Size
782KB
-
MD5
630a76fe553d7656ea617024ca3f5de4
-
SHA1
5d3f80b8905d2f93b7b9b9243e384fa243d2e918
-
SHA256
7d4d207fb5258f504d3f9ef60d431332d1e7320d5849c0b0acf624612b01c8f0
-
SHA512
079c3a1983b38dcc37df5aa6da8b439b9415a175e24c1e1fa0d1d40c19116654404e20e8fca109c9af2b4b3fd96336b4084352845c7567f639d7f8dd84a7a5c4
-
Qakbot persistence
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run entry to start application
-