Malware-IOCs/2022-03-22 Qakbot (AA) IOCs at main · executemalware/Malware-IOCs
Tags
attack-pattern | Botnet - T1583.005; Botnet - T1584.005; Domains - T1583.001; Domains - T1584.001; Malware - T1587.001; Malware - T1588.001; Regsvr32 - T1218.010; Regsvr32 - T1117 |
Common Information
Type | Value |
---|---|
UUID | daf14cdf-ed5f-4d1f-b1b4-4d860e79b6fa |
Fingerprint | fa2d04f6ac762cf6 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | March 22, 2022, midnight |
Added to db | Sept. 11, 2022, 12:45 p.m. |
Last updated | Sept. 2, 2024, 10:40 a.m. |
Headline | UNKNOWN |
Title | Malware-IOCs/2022-03-22 Qakbot (AA) IOCs at main · executemalware/Malware-IOCs |
Detected Hints/Tags/Attributes | 12/1/65 |
Attributes