Overview
overview: score 10
Static
static
Art.lnk, windows7-x64: score 3
Art.lnk, windows10-2004-x64: score 3
banners/aq...ons.js, windows7-x64: score 3
banners/aq...ons.js, windows10-2004-x64: score 1
banners/castilian.dll, windows7-x64: score 10
banners/castilian.dll, windows10-2004-x64: score 10
banners/pe...ns.cmd, windows7-x64: score 1
banners/pe...ns.cmd, windows10-2004-x64: score 1

General
Target: Art#4224.iso
Size: 1.2MB
Sample: 220926-stlrjabbg5
MD5: 6d0d7e50918d6e7a30340223ed87292b
SHA1: 07f07d651bc22033ce453e7375d0dc4e78287861
SHA256: 63ade90920f3c771336089bd7fe255a76d81781c761347e8016d81eadd5ae687
SHA512: 24e5331a68678a36d29f3ab1b801463b1e0502a5aea3faa5f661f2cb5e870d8dd6b067e1c06035eb91060cab15b62c2582473b9ba5a5cf870a489d6db3af0a2c
SSDEEP: 24576:zVeK7bHY/DS6wku4EmQKyMeRP7IYqsS/HdcoO9u+5w9M4aQvcd:zZjMpn6oOScd

Static task: static1

Behavioral task: behavioral1
Sample: Art.lnk
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: Art.lnk
Resource: win10v2004-20220812-en

Behavioral task: behavioral3
Sample: banners/aquaDisassociations.js
Resource: win7-20220901-en

Behavioral task: behavioral4
Sample: banners/aquaDisassociations.js
Resource: win10v2004-20220812-en

Behavioral task: behavioral5
Sample: banners/castilian.dll
Resource: win7-20220812-en

Behavioral task: behavioral6
Sample: banners/castilian.dll
Resource: win10v2004-20220812-en

Behavioral task: behavioral7
Sample: banners/persuasivelyPertains.cmd
Resource: win7-20220901-en

Behavioral task: behavioral8
Sample: banners/persuasivelyPertains.cmd
Resource: win10v2004-20220812-en

Malware Config
Extracted
qakbot
403.895
BB
1664184863
salt: SoNuce]ugdiB3c[doMuce2s81*uXmcvP

Targets
Target: Art.lnk
Size: 1KB
MD5: 92bd99709950ff46ff4838d7a1f3edbf
SHA1: 3735c7d86d119968a44694e2485a288735c382d5
SHA256: 3afee94ae082c743bfb1ec42dcd03433d22f649b7e43b6a79e2a878b78b04b77
SHA512: d3fd15760e1c234f227d0cefe62eee4bf96be7e2ca5e16cae583cdb641ac080b179cddb3dd6bc79154d037dfe66758600fbe050e2fb59076d139759b16ba1f9e
Score: 3/10

Target: banners/aquaDisassociations.js
Size: 225B
MD5: 603256a9748d57cb0bc3ffb27c301970
SHA1: b6ba91e8f52a07ba984411ddda120359f3196ac7
SHA256: 3c942da5ac014f728a65ddbbcb27539fb1d7e4cb4ef4523ff47d2627228048a1
SHA512: 884e75e2fd0ef3944ff291d2785d786b1ca91d7cf945f0e4d8cc6a51a94b8d5cd82ad8294d02db003a6784021b6d0f0b03549dcebbe756fade9f6d43be10e064
Score: 3/10

Target: banners/castilian.db
Size: 1.1MB
MD5: e17ff4c8e0da566b6fbe6ce54101eee7
SHA1: ed92354f1a9500c9dc07dfe77e23d3193e905559
SHA256: 0b353412e79686c5185dfdf185747e856f379c863ff41d82ce0ef4b69b31b747
SHA512: 70b9b4f07b35cf617da318e79999d3593355c126d10ab01a30827cd0daaa0d0fe54bbc9ed8fce80372803573ad2f30ea30e177dbf9ca0eddcf4cafb87e081f30
SSDEEP: 24576:wVeK7bHY/DS6wku4EmQKyMeRP7IYqsS/HdcoO9u+5w9M4a:wZjMpn6oO

Target: banners/persuasivelyPertains.cmd
Size: 45B
MD5: dc41c0c31bef89cf16867fe8a7e925a7
SHA1: 7fc36da0e6ecf064df2d34653b63f9b253e6d38c
SHA256: 41e43038fcd50d37506a8880203ced62ce47b5b0d8ec3ee2efebe53cca770bfb
SHA512: 1c6a42f25264e7c0cfcb8e2814b357e9bce6d1f2450ad52a22c4b24d25debd9ac3dc99de7690c0c30e3cadaf485c985e48f905b24f2e85ccc34a442c4c4e70e7
Score: 1/10