QakbotIOCs_07_21_2020

1. Qakbot was dropped by Emotet today with botgroup ID "partner01". Here are all the C2 endpoints contained in the binary:
2.  
3. 190.220.8.10:443
4. 66.57.216.53:993
5. 173.175.29.210:443
6. 72.255.200.69:2222
7. 24.229.150.54:995
8. 81.133.234.36:2222
9. 86.4.44.48:443
10. 92.104.210.253:2222
11. 71.56.53.127:443
12. 174.85.133.130:2222
13. 201.170.83.26:443
14. 5.15.81.52:443
15. 187.207.185.170:443
16. 67.248.210.221:53
17. 67.246.16.250:995
18. 212.126.109.14:443
19. 69.11.247.242:443
20. 207.255.161.8:32100
21. 69.92.54.95:995
22. 104.235.72.17:443
23. 200.113.201.83:995
24. 82.81.172.21:443
25. 74.134.46.7:443
26. 151.73.125.195:443
27. 188.24.214.244:443
28. 188.192.75.8:443
29. 24.165.87.61:443
30. 216.163.4.132:443
31. 174.34.67.106:2222
32. 86.175.7.7:2222
33. 72.142.106.198:995
34. 68.190.152.98:443
35. 47.24.47.218:443
36. 73.217.4.42:443
37. 96.244.45.155:443
38. 72.240.245.253:443
39. 130.25.130.19:2222
40. 35.142.12.163:2222
41. 98.240.24.57:443
42. 95.77.144.238:443
43. 67.8.103.21:443
44. 80.195.103.146:2222
45. 72.142.106.198:465
46. 66.26.160.37:443
47. 72.177.157.217:995
48. 173.26.189.151:443
49. 96.18.240.158:443
50. 93.114.122.202:2222
51. 207.246.71.122:443
52. 144.202.48.107:443
53. 45.77.215.141:443
54. 173.173.1.164:443
55. 100.40.48.96:443
56. 76.106.25.207:443
57. 74.222.204.82:443
58. 72.88.119.131:443
59. 108.30.125.94:443
60. 100.19.7.242:443
61. 172.78.30.215:443
62. 66.208.105.6:443
63. 95.77.223.148:443
64. 72.190.101.70:443
65. 24.183.39.93:443
66. 72.228.3.116:443
67. 24.139.132.70:443
68. 68.200.23.189:443
69. 172.242.156.50:995
70. 24.202.42.48:2222
71. 72.204.242.138:443
72. 72.204.242.138:20
73. 108.45.29.12:443
74. 68.174.15.223:443
75. 74.193.197.246:443
76. 96.56.237.174:990
77. 64.19.74.29:995
78. 70.168.130.172:443
79. 81.106.46.63:443
80. 100.43.250.74:995
81. 189.236.166.167:443
82. 68.4.137.211:443
83. 76.187.8.160:443
84. 86.126.97.183:2222
85. 24.90.160.91:443
86. 76.86.57.179:2222
87. 201.103.155.111:443
88. 24.234.86.201:995
89. 75.183.171.155:3389
90. 98.148.177.77:443
91. 173.172.205.216:443
92. 98.116.62.242:443
93. 74.215.201.122:443
94. 173.3.132.17:995
95. 73.226.220.56:443
96. 207.255.161.8:32103
97. 75.137.239.211:443
98. 68.49.120.179:443
99. 5.193.178.241:2078
100. 206.51.202.106:50003
101. 82.127.193.151:2222
102. 207.255.161.8:2222
103. 207.255.161.8:2087
104. 24.152.219.253:995
105. 41.97.138.74:443
106. 104.173.119.54:2222
107. 80.240.26.178:443
108. 207.246.75.201:443
109. 199.247.22.145:443
110. 199.247.16.80:443
111. 173.90.33.182:2222
112. 79.114.199.39:443
113. 80.14.209.42:2222
114. 24.164.79.147:443
115. 70.183.127.6:995
116. 47.153.115.154:993
117. 184.180.157.203:2222
118. 87.65.204.240:995
119. 217.162.149.212:443
120. 50.104.68.223:443
121. 195.162.106.93:2222
122. 67.165.206.193:995
123. 200.113.201.83:993
124. 103.238.231.40:443
125. 84.232.238.30:443
126. 78.96.192.26:443
127. 47.153.115.154:465
128. 98.115.138.61:443
129. 24.42.14.241:995
130. 189.160.203.110:443
131. 188.27.76.139:443
132. 207.255.161.8:32102
133. 49.207.105.25:443
134. 193.248.44.2:2222
135. 190.63.182.214:443
136. 179.51.23.31:443
137. 74.135.37.79:443
138. 208.82.44.203:443
139. 71.210.177.4:443
140. 83.110.222.11:443
141. 187.155.74.5:995
142. 50.244.112.106:443
143. 193.23.5.134:443
144. 78.102.138.103:995
145. 2.50.47.97:2222
146. 201.248.102.4:2078
147. 41.34.91.90:995
148. 72.204.242.138:53
149. 46.214.62.199:443
150. 201.127.27.88:443
151. 68.46.142.48:443
152. 72.29.181.77:2078