Overview

overview

10

Static

static

10

872-57-0x0...ry.dll

windows7_x64

3

872-57-0x0...ry.dll

windows10-2004_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    872-57-0x0000000010000000-0x000000001008F000-memory.dmp

  • Size

    572KB

  • Sample

    220412-xfpy9aabf8

  • MD5

    9d1c03b5778aaeeb98d2add428c15b5b

  • SHA1

    50f8933351fdb2b4eaa6fb637aab27425dd0422a

  • SHA256

    e0b71f641092e0e577f4b2468b418dd2dcdbef6a7a84967e71980f2b9bd0e713

  • SHA512

    2fa416ff7e58dbda7c926686782da33f836c87fb83098890d7ec65fa9ed021ae25ed27189ccf850156e0cd8c4f64fac0454c3cc1f01c8d42931be6283adc22e9

Score
10/10
qakbotaa1649749884

Malware Config

Extracted

Family

qakbot

Version

403.573

Botnet

AA

Campaign

1649749884

C2

120.150.218.241:995

186.64.67.38:443

196.203.37.215:80

1.161.71.109:443

82.152.39.39:443

76.69.155.202:2222

72.66.116.235:995

103.107.113.120:443

113.11.89.165:995

208.107.221.224:443

103.88.226.30:443

75.99.168.194:443

75.113.214.234:2222

76.169.147.192:32103

190.73.3.148:2222

39.52.2.90:995

38.70.253.226:2222

5.95.58.211:2087

74.15.2.252:2222

76.70.9.169:2222
Attributes
  • salt

    jHxastDcds)oMc=jvh7wdUhxcsdt2

Targets

    • Target

      872-57-0x0000000010000000-0x000000001008F000-memory.dmp

    • Size

      572KB

    • MD5

      9d1c03b5778aaeeb98d2add428c15b5b

    • SHA1

      50f8933351fdb2b4eaa6fb637aab27425dd0422a

    • SHA256

      e0b71f641092e0e577f4b2468b418dd2dcdbef6a7a84967e71980f2b9bd0e713

    • SHA512

      2fa416ff7e58dbda7c926686782da33f836c87fb83098890d7ec65fa9ed021ae25ed27189ccf850156e0cd8c4f64fac0454c3cc1f01c8d42931be6283adc22e9

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks