Qakbot_BB10_14.12.2022.txt

14.12.2022 | Qakbot | BB10 | Campaign 1670997897 | Version 404.46

*************************************************

.url https://appgssisabelle.net/omd/index.php?qbot.zip
.zip 7dc9ce20da9c68bf536ed4cab33d1601d9a857f3a01f0fb69437cb91ff4dc04e
.img 75abd2f13b0c5cbebdce25be69c43a49cd1c239e0b75d7f302ff671297562eed
.dll ce81b2ab0a243fe8e85a249b0f425007d858d7e9cc7e65af5d2f9e68efb5e5d0

*************************************************

>> Tracker database block
   Machine ID:  galaxys21
   MAC Address: 00:0c:29:98:b2:71
   MAC Vendor:  VMWARE
   Creation:    2022-12-13 12:26:48

   Volume Droid:       6c355ef8-faf6-4b52-8247-3df4cf5784c6
   Volume Droid Birth: 6c355ef8-faf6-4b52-8247-3df4cf5784c6
   File Droid:         6a2a4bd2-7ae1-11ed-b16d-000c2998b271
   File Droid birth:   6a2a4bd2-7ae1-11ed-b16d-000c2998b271

*************************************************

Exec >

cmd /c Cancelation 2150563 Dec 14.lnk

rundll32.exe opengl.dat,DrawThemeIcon


*************************************************

c2's

49.175.72.56:443
64.237.214.193:443
79.77.142.22:2222
173.18.126.3:443
23.242.141.218:2222
121.121.100.148:995
172.90.139.138:2222
172.248.42.122:443
94.63.65.146:443
98.145.23.67:443
12.172.173.82:990
91.68.227.219:443
12.172.173.82:993
75.99.125.236:2222
49.245.119.12:2222
74.66.134.24:443
173.239.94.212:443
91.169.12.198:32100
184.68.116.146:2222
24.71.120.191:443
103.71.21.107:443
109.11.175.42:2222
78.92.133.215:443
184.153.132.82:443
24.228.132.224:2222
69.119.123.159:2222
216.82.134.133:443
81.229.117.95:2222
92.189.214.236:2222
184.68.116.146:3389
12.172.173.82:995
73.29.92.128:443
73.230.28.7:443
150.107.231.59:2222
81.131.210.167:443
70.64.77.115:443
73.155.10.79:443
86.99.14.46:2222
86.96.75.237:2222
123.3.240.16:995
213.191.164.70:443
174.58.146.57:443
149.126.159.106:443
50.68.204.71:995
47.41.154.250:443
50.68.204.71:443
12.172.173.82:465
24.206.27.39:443
75.143.236.149:443
74.83.128.70:2083
108.6.249.139:443
79.13.202.140:443
84.35.26.14:995
70.115.104.126:995
78.247.21.20:443
188.48.116.37:995
87.65.160.87:995
71.31.101.183:443
60.234.194.12:2222
76.80.180.154:995
46.10.198.106:443
90.104.22.28:2222
72.80.7.6:995
199.83.165.233:443
80.0.74.165:443
116.74.163.218:443
86.98.23.199:443
76.100.159.250:443
76.20.42.45:443
47.34.30.133:443
70.55.120.16:2222
103.144.201.62:2078
77.86.98.236:443
2.83.12.243:443
47.203.227.114:443
178.152.126.55:443
84.113.121.103:443
108.162.6.34:443
188.176.170.61:443
50.68.204.71:993
184.176.154.83:995
92.207.132.174:2222
142.161.27.232:2222
190.29.228.61:443
176.142.207.63:443
66.191.69.18:995
90.89.95.158:2222
198.2.51.242:993
73.36.196.11:443
176.151.15.101:443
181.164.194.223:443
69.133.162.35:443
184.68.116.146:2078
136.232.184.134:995
184.68.116.146:61202
12.172.173.82:21
72.200.109.104:443
181.118.183.50:443
124.122.55.7:443
162.248.14.107:443
87.220.68.51:2222
86.225.214.138:2222
75.158.15.211:443
80.44.148.126:2222
12.172.173.82:22
75.98.154.19:443
24.142.218.202:443
70.77.116.233:443
61.69.198.59:443
184.68.116.146:50010
12.172.173.82:50001
190.24.45.24:995
94.71.209.47:2222
174.104.184.149:443
82.9.210.36:443
78.101.91.215:2222
47.149.137.40:443