Qakbot_BB01_13.10.2022.txt

13.10.2022 | Qakbot | bb | Campaign 2022-10-13 07:57:35 | Version 403.914

*************************************************

.url http://drc.co.th/ioen/uuqtetnsa - pw BNO87
.zip 0e6bf800c68afc28e11d2a9c4ed8d68006e31dad0bc2330452502d363a4d1f51
.iso e4cc608a9825d4f4ec45c2e8b9153e28ef3e7eae4a7a7327f52b02361cdec267
.dll 06bc78dafd94e479b5be0f5c9048990c23bf6b9b64dfce93039555e1eec46ab3

*************************************************

lnk content:

C:\obediences\embalming.cmd

*************************************************

cmd /c C:\Users\Admin\AppData\Local\Temp\IData.lnk

cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\obediences\embalming.cmd"

hello.com  obediences\crewed.dat,DllRegisterServer

*************************************************

c2's

183.182.86.158:443
42.189.32.186:80
134.35.1.115:443
198.2.51.242:993
220.123.29.76:443
110.159.63.62:443
41.111.66.163:443
167.56.71.49:443
197.94.79.39:443
190.205.229.67:2222
187.58.165.81:443
186.18.210.16:443
42.115.244.80:443
187.56.91.215:995
187.198.67.140:443
179.25.153.200:995
190.100.149.122:995
41.105.150.238:443
181.44.34.172:443
94.52.127.44:443
196.207.146.151:443
105.197.208.168:995
196.65.103.80:995
72.88.245.71:443
41.99.85.8:443
197.204.233.216:443
85.171.48.85:443
144.202.15.58:443
144.202.15.58:995
105.69.142.130:995
146.70.9.13:2222
41.109.62.192:443
197.158.89.85:443
14.230.114.151:443
163.182.177.80:443