Pulse Detail — Threat Intelligence

PULSE NAME

Qakbot IOCs - @pr0xylife - BB32 - 6-13-23

WHITE Techronik 2023-06-13 Modified: 2023-07-13

341

IOCs

HIGH VOLUME

Qakbot IOCs - @pr0xylife - BB32 - 6-13-23 https://twitter.com/Cryptolaemus1/status/1668602957607124992 https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB32_13.06.2023.txt

qakbot

MITRE ATT&CK & Malware Families

MALWARE FAMILIES

QakBot

Indicators of Compromise (229 / 341 total)

All URL FileHash-SHA1 FileHash-SHA256 domain

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	https://github.co/hiddenchars	—	2023-06-13
URL	http://1.221.179.74:443	—	2023-06-13
URL	http://100.10.72.114:443	—	2023-06-13
URL	http://102.156.161.41:443	—	2023-06-13
URL	http://102.158.231.164:443	—	2023-06-13
URL	http://103.113.68.33:443	—	2023-06-13
URL	http://103.123.223.153:443	—	2023-06-13
URL	http://103.139.242.6:443	—	2023-06-13
URL	http://103.140.174.20:2222	—	2023-06-13
URL	http://103.141.50.43:995	—	2023-06-13
URL	http://103.144.201.62:2078	—	2023-06-13
URL	http://103.212.19.254:995	—	2023-06-13
URL	http://104.35.24.154:443	—	2023-06-13
URL	http://105.184.83.141:995	—	2023-06-13
URL	http://113.11.92.30:443	—	2023-06-13
URL	http://114.143.176.237:443	—	2023-06-13
URL	http://116.75.63.181:443	—	2023-06-13
URL	http://12.172.173.82:20	—	2023-06-13
URL	http://12.172.173.82:2087	—	2023-06-13
URL	http://12.172.173.82:21	—	2023-06-13
URL	http://12.172.173.82:32101	—	2023-06-13
URL	http://12.172.173.82:465	—	2023-06-13
URL	http://12.172.173.82:50001	—	2023-06-13
URL	http://12.172.173.82:995	—	2023-06-13
URL	http://121.121.100.202:995	—	2023-06-13
URL	http://122.184.143.86:443	—	2023-06-13
URL	http://124.122.47.148:443	—	2023-06-13
URL	http://124.149.143.189:2222	—	2023-06-13
URL	http://130.43.110.181:995	—	2023-06-13
URL	http://142.119.34.18:2222	—	2023-06-13
URL	http://142.188.88.42:2222	—	2023-06-13
URL	http://147.219.4.194:443	—	2023-06-13
URL	http://151.62.174.154:443	—	2023-06-13
URL	http://151.62.203.255:443	—	2023-06-13
URL	http://151.65.167.77:443	—	2023-06-13
URL	http://161.142.100.114:995	—	2023-06-13
URL	http://162.252.175.215/b2V/vV5k9	—	2023-06-13
URL	http://162.252.175.215/b2V/vV5k9s'P";foreach	—	2023-06-13
URL	http://162.252.175.80/nvBBpWY/XeH8lomMvec	—	2023-06-13
URL	http://165.120.244.223:2222	—	2023-06-13
URL	http://172.115.17.50:443	—	2023-06-13
URL	http://173.17.45.60:443	—	2023-06-13
URL	http://175.156.65.126:2222	—	2023-06-13
URL	http://176.142.207.63:443	—	2023-06-13
URL	http://178.175.187.254:443	—	2023-06-13
URL	http://184.176.35.223:2222	—	2023-06-13
URL	http://184.181.75.148:443	—	2023-06-13
URL	http://184.182.66.109:443	—	2023-06-13
URL	http://184.20.136.30:995	—	2023-06-13
URL	http://187.199.244.117:32103	—	2023-06-13
URL	http://188.28.19.84:443	—	2023-06-13
URL	http://189.223.184.79:443	—	2023-06-13
URL	http://190.199.147.209:2222	—	2023-06-13
URL	http://192.121.17.14/8Bz/JcNaAk	—	2023-06-13
URL	http://192.121.17.29/DznXt/BhgVWT	—	2023-06-13
URL	http://192.121.17.69/7xvnh1Y/QoZZ4fV7	—	2023-06-13
URL	http://192.121.17.70/cDSuGb/PdZzbVMef	—	2023-06-13
URL	http://197.204.11.218:443	—	2023-06-13
URL	http://197.26.182.159:443	—	2023-06-13
URL	http://197.83.246.199:443	—	2023-06-13
URL	http://198.2.51.242:993	—	2023-06-13
URL	http://199.27.66.213:443	—	2023-06-13
URL	http://2.82.8.80:443	—	2023-06-13
URL	http://200.93.25.6:2222	—	2023-06-13
URL	http://201.244.108.183:995	—	2023-06-13
URL	http://203.219.204.180:443	—	2023-06-13
URL	http://213.16.249.54:995	—	2023-06-13
URL	http://213.64.33.92:2222	—	2023-06-13
URL	http://213.91.235.146:443	—	2023-06-13
URL	http://24.122.48.63:995	—	2023-06-13
URL	http://24.198.114.130:995	—	2023-06-13
URL	http://24.234.220.88:465	—	2023-06-13
URL	http://24.234.220.88:990	—	2023-06-13
URL	http://24.234.220.88:993	—	2023-06-13
URL	http://24.234.220.88:995	—	2023-06-13
URL	http://31.111.81.139:2222	—	2023-06-13
URL	http://31.190.192.228:443	—	2023-06-13
URL	http://41.129.38.191:995	—	2023-06-13
URL	http://41.227.190.59:443	—	2023-06-13
URL	http://41.227.83.112:995	—	2023-06-13
URL	http://41.96.183.79:443	—	2023-06-13
URL	http://45.62.75.217:443	—	2023-06-13
URL	http://47.199.241.39:443	—	2023-06-13
URL	http://47.205.25.170:443	—	2023-06-13
URL	http://47.21.51.138:443	—	2023-06-13
URL	http://47.34.30.133:443	—	2023-06-13
URL	http://49.175.72.81:443	—	2023-06-13
URL	http://50.68.186.195:443	—	2023-06-13
URL	http://58.162.223.233:443	—	2023-06-13
URL	http://59.28.84.65:443	—	2023-06-13
URL	http://62.35.230.21:995	—	2023-06-13
URL	http://64.121.161.102:443	—	2023-06-13
URL	http://64.144.125.203/NsD/Om9	—	2023-06-13
URL	http://64.145.76.21:22	—	2023-06-13
URL	http://65.94.87.33:2222	—	2023-06-13
URL	http://65.95.141.20:2222	—	2023-06-13
URL	http://66.241.183.99:443	—	2023-06-13
URL	http://67.71.9.30:2222	—	2023-06-13
URL	http://67.87.119.216:2078	—	2023-06-13
URL	http://67.87.119.216:2083	—	2023-06-13
URL	http://70.160.67.203:443	—	2023-06-13
URL	http://70.28.50.223:1194	—	2023-06-13
URL	http://70.28.50.223:2078	—	2023-06-13
URL	http://70.28.50.223:2083	—	2023-06-13
URL	http://70.28.50.223:2087	—	2023-06-13
URL	http://70.28.50.223:32100	—	2023-06-13
URL	http://70.28.50.223:3389	—	2023-06-13
URL	http://70.52.230.19:2222	—	2023-06-13
URL	http://70.64.77.115:443	—	2023-06-13
URL	http://71.29.69.95:995	—	2023-06-13
URL	http://72.134.124.16:443	—	2023-06-13
URL	http://72.205.104.134:443	—	2023-06-13
URL	http://73.207.160.219:443	—	2023-06-13
URL	http://73.229.74.150:443	—	2023-06-13
URL	http://74.12.146.45:2083	—	2023-06-13
URL	http://74.12.146.45:2222	—	2023-06-13
URL	http://75.109.111.89:443	—	2023-06-13
URL	http://76.68.170.65:2222	—	2023-06-13
URL	http://76.9.168.249:443	—	2023-06-13
URL	http://77.126.99.230:443	—	2023-06-13
URL	http://78.130.215.67:443	—	2023-06-13
URL	http://78.159.147.83:995	—	2023-06-13
URL	http://79.168.224.165:2222	—	2023-06-13
URL	http://80.6.50.34:443	—	2023-06-13
URL	http://81.229.117.95:2222	—	2023-06-13
URL	http://82.125.44.236:2222	—	2023-06-13
URL	http://82.127.153.75:2222	—	2023-06-13
URL	http://86.129.138.170:443	—	2023-06-13
URL	http://86.176.144.174:2222	—	2023-06-13
URL	http://86.176.83.13:2222	—	2023-06-13
URL	http://86.182.82.61:443	—	2023-06-13
URL	http://86.97.96.62:2222	—	2023-06-13
URL	http://86.98.222.20:443	—	2023-06-13
URL	http://88.126.94.4:50000	—	2023-06-13
URL	http://89.115.200.234:443	—	2023-06-13
URL	http://89.129.109.27:2222	—	2023-06-13
URL	http://89.158.150.253:443	—	2023-06-13
URL	http://89.181.227.42:2222	—	2023-06-13
URL	http://90.26.152.228:2222	—	2023-06-13
URL	http://91.169.12.198:32100	—	2023-06-13
URL	http://91.68.227.219:443	—	2023-06-13
URL	http://92.154.17.149:2222	—	2023-06-13
URL	http://92.184.99.70:2222	—	2023-06-13
URL	http://92.20.204.198:2222	—	2023-06-13
URL	http://92.239.81.124:443	—	2023-06-13
URL	http://92.9.45.20:2222	—	2023-06-13
URL	http://95.45.50.93:2222	—	2023-06-13
URL	http://96.236.200.236:995	—	2023-06-13
URL	http://96.87.28.170:2222	—	2023-06-13
URL	http://ersatzesSchooner.vc/V/PkVs8	—	2023-06-13
URL	https://181.105.172.150/dY/t	—	2023-06-13
URL	https://aadarshtechnosoft.com/ds/	—	2023-06-13
URL	https://aderefix.com/aa/	—	2023-06-13
URL	https://airambulanceaviation.com/aest/	—	2023-06-13
URL	https://alkouser.com/duu/	—	2023-06-13
URL	https://alma-stores.com/rupm/	—	2023-06-13
URL	https://almahaadmissionedu.com/oo/	—	2023-06-13
URL	https://arundel-hospital.com/eoe/	—	2023-06-13
URL	https://ayalapublicidad.com/ti/	—	2023-06-13
URL	https://batsamco.com/tuet/	—	2023-06-13
URL	https://bewebin.com/ciir/	—	2023-06-13
URL	https://bibianos.com/ati/	—	2023-06-13
URL	https://brianrjohnson.com/mqeq/	—	2023-06-13
URL	https://brotherslives.com/eu/	—	2023-06-13
URL	https://brumbysystems.com/ouqq/	—	2023-06-13
URL	https://buskenya.com/ou/	—	2023-06-13
URL	https://cafedonanton.com/ud/	—	2023-06-13
URL	https://camelliaspices.com/aeu/	—	2023-06-13
URL	https://capitalaggroup.com/iea/	—	2023-06-13
URL	https://caribbeanenglishschool.com/sait/	—	2023-06-13
URL	https://case-sa.org/ene/	—	2023-06-13
URL	https://ccghomes.org/qneu/	—	2023-06-13
URL	https://coachesmarketingcenter.com/rte/	—	2023-06-13
URL	https://codernative.com/in/	—	2023-06-13
URL	https://codixpharma.com/ml/	—	2023-06-13
URL	https://condegonzalez.com/omt/	—	2023-06-13
URL	https://copersaingenieria.com/auns/	—	2023-06-13
URL	https://cozailorinqc.com/tt/	—	2023-06-13
URL	https://crissad.com/cou/	—	2023-06-13
URL	https://ctnano.org/ms/	—	2023-06-13
URL	https://danykas.com/mes/	—	2023-06-13
URL	https://drweb.design/ioto/	—	2023-06-13
URL	https://eit.net.pk/el/	—	2023-06-13
URL	https://factura-pro.com/ere/	—	2023-06-13
URL	https://faithplant.org/laiu/	—	2023-06-13
URL	https://fototunes.com/cter/	—	2023-06-13
URL	https://gccbiotech.net/maa/	—	2023-06-13
URL	https://girlswith750.com/eacf/	—	2023-06-13
URL	https://grupoalvez.com/net/	—	2023-06-13
URL	https://imesiojugbaye.com/bioo/	—	2023-06-13
URL	https://jabonsupremo.com/qs/	—	2023-06-13
URL	https://khidmatic.com/tpd/	—	2023-06-13
URL	https://kusicha.com/tmo/	—	2023-06-13
URL	https://lesdeuxpalmiers.com/mv/	—	2023-06-13
URL	https://lipsumtechnologies.com/sap/	—	2023-06-13
URL	https://macbahawalpur.com/iism/	—	2023-06-13
URL	https://massive-electronics.com/td/	—	2023-06-13
URL	https://matirmayaecoresort.com/mur/	—	2023-06-13
URL	https://mbr-soluciones.com/na/	—	2023-06-13
URL	https://melaniegowen.com/qs/	—	2023-06-13
URL	https://minifamilymart.com/ols/	—	2023-06-13
URL	https://mmesofashionworld.com/rnxe/	—	2023-06-13
URL	https://muuone.com/ua/	—	2023-06-13
URL	https://navjyotibookstore.com/aa/	—	2023-06-13
URL	https://neighbourhoodco.com/mro/	—	2023-06-13
URL	https://ninetofab.com/smro/	—	2023-06-13
URL	https://nsdvina.com/tc/	—	2023-06-13
URL	https://ozzyconstructionusa.com/tso/	—	2023-06-13
URL	https://picc-penang.com/droe/	—	2023-06-13
URL	https://policytvgroup.com/must/	—	2023-06-13
URL	https://poskio.fr/tei/	—	2023-06-13
URL	https://quadlandcorp.com/ari/	—	2023-06-13
URL	https://rucero.com/qoas/	—	2023-06-13
URL	https://sanivir19.com/dvio/	—	2023-06-13
URL	https://shilhaandara.com/luel/	—	2023-06-13
URL	https://shriswamivivekanandcollege.com/draa/	—	2023-06-13
URL	https://simracingpoint.com/sqt/	—	2023-06-13
URL	https://sindesis.com/nlh/	—	2023-06-13
URL	https://sirinatureroost.com/al/	—	2023-06-13
URL	https://slotgacormania.com/rs/	—	2023-06-13
URL	https://slotmahjongways2.net/gs/	—	2023-06-13
URL	https://slottdepositpulsa.com/ispc/	—	2023-06-13
URL	https://techitacs.com/sso/	—	2023-06-13
URL	https://technotaskglobal.com/stq/	—	2023-06-13
URL	https://thecompletemind.org/mi/	—	2023-06-13
URL	https://townfieldschools.com/sonn/	—	2023-06-13
URL	https://uniformesmedicosmexicali.com/otna/	—	2023-06-13
URL	https://vedrishi.com/omq/	—	2023-06-13
URL	https://wazfnee.com/euqt/	—	2023-06-13

References (1)

↗ https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB32_13.06.2023.txt