General
-
Target
b5b4.exe
-
Size
684KB
-
Sample
191216-2se5jb3s4x
-
MD5
d2399ff437e5106ea2af89a0125c6866
-
SHA1
07977968e44bf117673443a6ebfaa5f69929a6df
-
SHA256
b5b4b488a0a8f8ad6c5a738c2bc7dcbd7c198005d6adf2297b6f482b748440f6
-
SHA512
f72eb5ecf5c7579351772c1105ffb276e7896b763b8fe3b06a0df80d891cc3b6b107646aebcb64cd758a2dd1b049afd0b6f06059291a6ecf69899205f7f90442
Task
task1
Sample
b5b4.exe
Resource
win7v191014
Malware Config
Extracted
qakbot
1576221125
Targets
-
-
Target
b5b4.exe
-
Executes dropped EXE
-
Turn off Windows Defender SpyNet reporting
-
Loads dropped DLL
-
Adds Run entry to start application
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-