MalwareQuinn

Qakbot IOCs tr02 Dec 16 2020

Dec 16th, 2020
Qakbot's affiliate tr02 has shifted to running attachment-only campaigns following the 061220.gif campaign. Here are the URLs that were seen since then.

DLL for today: https://bazaar.abuse.ch/sample/5fef1f3e9b7584a0f6be325230fabecde15b8c2c32df2234bfb9044313aef6b4/


Additionally, here are today's IPs:

Many thanks to https://twitter.com/H_Miser for their submissions on the 0912.gif campaign :)