Overview

overview

10

Static

static

10

3f2681c4a6...3b.dll

windows7_x64

3

3f2681c4a6...3b.dll

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3f2681c4a608ec4c8b57c3d25a7d2acb387eb707ee7f155df2a043c013c1f43b

  • Size

    120KB

  • Sample

    211104-2yey8ahhb4

  • MD5

    5fe97e6ac07dde840c71df15c5f8ca77

  • SHA1

    3efddbef4a6d09f9ad9c176caad8641c6c95c9db

  • SHA256

    3f2681c4a608ec4c8b57c3d25a7d2acb387eb707ee7f155df2a043c013c1f43b

  • SHA512

    927bedb0cf49f8a6d719067ade8e617eb7e5eacbed33e5c78b8a93a2d26a3b3f668f7f666637c54eeb7018c4546aee7f4e01d34746ab677743134d98281b0cd2

Score
10/10
qakbotobama1151634197867

Malware Config

Extracted

Family

qakbot

Version

402.363

Botnet

obama115

Campaign

1634197867

C2

91.178.126.51:995

220.255.25.28:2222

208.78.220.143:443

77.31.162.93:443

73.230.205.91:443

216.201.162.158:443

94.200.181.154:443

24.231.209.2:2222

89.137.52.44:443

140.82.49.12:443

65.100.174.110:32103

41.86.42.158:995

27.223.92.142:995

200.232.214.222:995

81.250.153.227:2222

217.17.56.163:465

122.60.71.201:995

120.150.218.241:995

41.228.22.180:443

69.30.186.190:443
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      3f2681c4a608ec4c8b57c3d25a7d2acb387eb707ee7f155df2a043c013c1f43b

    • Size

      120KB

    • MD5

      5fe97e6ac07dde840c71df15c5f8ca77

    • SHA1

      3efddbef4a6d09f9ad9c176caad8641c6c95c9db

    • SHA256

      3f2681c4a608ec4c8b57c3d25a7d2acb387eb707ee7f155df2a043c013c1f43b

    • SHA512

      927bedb0cf49f8a6d719067ade8e617eb7e5eacbed33e5c78b8a93a2d26a3b3f668f7f666637c54eeb7018c4546aee7f4e01d34746ab677743134d98281b0cd2

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks